Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/bash@2.05b-2-26
purl pkg:deb/debian/bash@2.05b-2-26
Next non-vulnerable version 5.2.15-2
Latest non-vulnerable version 5.2.15-2
Risk 10.0
Vulnerabilities affecting this package (15)
Vulnerability Summary Fixed by
VCID-2ant-qsbm-37d9
Aliases:
CVE-2019-18276
5.1-2+deb11u1
Affected by 1 other vulnerability.
VCID-3n27-ddbb-2uc4
Aliases:
CVE-2012-6711
4.3-11
Affected by 6 other vulnerabilities.
VCID-3nzd-713w-qygu
Aliases:
CVE-2014-6271
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-6sdv-wm7w-kbd5
Aliases:
CVE-2019-9924
4.4-5
Affected by 1 other vulnerability.
VCID-6u87-8gdp-kff5
Aliases:
CVE-2016-9401
4.4-5
Affected by 1 other vulnerability.
VCID-7rp9-3b3v-83hq
Aliases:
CVE-2012-3410
Two vulnerabilities have been found in Bash, the worst of which may allow execution of arbitrary code.
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
VCID-9rdp-azhv-63fd
Aliases:
CVE-2017-5932
4.4-5
Affected by 1 other vulnerability.
VCID-c5br-pkm3-v7a2
Aliases:
CVE-2014-7169
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-d5ak-9k7x-8yew
Aliases:
CVE-2014-6277
Multiple parsing flaws in Bash could allow remote attackers to inject code or cause a Denial of Service condition.
4.3-11
Affected by 6 other vulnerabilities.
VCID-fdzr-4k2w-8uer
Aliases:
CVE-2014-6278
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
4.3-11
Affected by 6 other vulnerabilities.
VCID-hbrj-cf36-wkh7
Aliases:
CVE-2014-7186
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-jkzr-5ga8-1kh1
Aliases:
CVE-2016-7543
4.4-5
Affected by 1 other vulnerability.
VCID-p9zw-cggw-tkff
Aliases:
CVE-2014-7187
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-pddx-ctd3-6bbd
Aliases:
CVE-2016-0634
4.4-5
Affected by 1 other vulnerability.
VCID-pmds-1qrb-87br
Aliases:
CVE-2008-5374
Two vulnerabilities have been found in Bash, the worst of which may allow execution of arbitrary code.
4.1-3
Affected by 14 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T11:56:34.958242+00:00 Debian Oval Importer Affected by VCID-3n27-ddbb-2uc4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T11:20:50.287407+00:00 Debian Oval Importer Affected by VCID-fdzr-4k2w-8uer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:59:27.838431+00:00 Debian Oval Importer Affected by VCID-hbrj-cf36-wkh7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:53:09.929087+00:00 Debian Oval Importer Affected by VCID-p9zw-cggw-tkff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:39:55.371110+00:00 Debian Oval Importer Affected by VCID-3nzd-713w-qygu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:03:33.767728+00:00 Debian Oval Importer Affected by VCID-2ant-qsbm-37d9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T08:44:35.043753+00:00 Debian Oval Importer Affected by VCID-jkzr-5ga8-1kh1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T06:40:00.471125+00:00 Debian Oval Importer Affected by VCID-pddx-ctd3-6bbd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T06:30:04.661492+00:00 Debian Oval Importer Affected by VCID-9rdp-azhv-63fd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:57:51.465934+00:00 Debian Oval Importer Affected by VCID-6u87-8gdp-kff5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:55:50.982577+00:00 Debian Oval Importer Affected by VCID-d5ak-9k7x-8yew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:05:59.379273+00:00 Debian Oval Importer Affected by VCID-7rp9-3b3v-83hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T04:15:55.347085+00:00 Debian Oval Importer Affected by VCID-c5br-pkm3-v7a2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T04:01:20.099642+00:00 Debian Oval Importer Affected by VCID-pmds-1qrb-87br https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T02:50:00.925681+00:00 Debian Oval Importer Affected by VCID-6sdv-wm7w-kbd5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-12T23:36:26.834861+00:00 Debian Oval Importer Affected by VCID-hbrj-cf36-wkh7 https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:31:22.399034+00:00 Debian Oval Importer Affected by VCID-c5br-pkm3-v7a2 https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:20:58.347553+00:00 Debian Oval Importer Affected by VCID-p9zw-cggw-tkff https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:16:04.219962+00:00 Debian Oval Importer Affected by VCID-3nzd-713w-qygu https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0