Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/bash@3.1dfsg-8
purl pkg:deb/debian/bash@3.1dfsg-8
Next non-vulnerable version 5.2.15-2
Latest non-vulnerable version 5.2.15-2
Risk 10.0
Vulnerabilities affecting this package (15)
Vulnerability Summary Fixed by
VCID-2ant-qsbm-37d9
Aliases:
CVE-2019-18276
5.1-2+deb11u1
Affected by 1 other vulnerability.
VCID-3n27-ddbb-2uc4
Aliases:
CVE-2012-6711
4.3-11
Affected by 6 other vulnerabilities.
VCID-3nzd-713w-qygu
Aliases:
CVE-2014-6271
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-6sdv-wm7w-kbd5
Aliases:
CVE-2019-9924
4.4-5
Affected by 1 other vulnerability.
VCID-6u87-8gdp-kff5
Aliases:
CVE-2016-9401
4.4-5
Affected by 1 other vulnerability.
VCID-7rp9-3b3v-83hq
Aliases:
CVE-2012-3410
Two vulnerabilities have been found in Bash, the worst of which may allow execution of arbitrary code.
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
VCID-9rdp-azhv-63fd
Aliases:
CVE-2017-5932
4.4-5
Affected by 1 other vulnerability.
VCID-c5br-pkm3-v7a2
Aliases:
CVE-2014-7169
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-d5ak-9k7x-8yew
Aliases:
CVE-2014-6277
Multiple parsing flaws in Bash could allow remote attackers to inject code or cause a Denial of Service condition.
4.3-11
Affected by 6 other vulnerabilities.
VCID-fdzr-4k2w-8uer
Aliases:
CVE-2014-6278
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
4.3-11
Affected by 6 other vulnerabilities.
VCID-hbrj-cf36-wkh7
Aliases:
CVE-2014-7186
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-jkzr-5ga8-1kh1
Aliases:
CVE-2016-7543
4.4-5
Affected by 1 other vulnerability.
VCID-p9zw-cggw-tkff
Aliases:
CVE-2014-7187
security update
4.2+dfsg-0.1+deb7u3
Affected by 13 other vulnerabilities.
4.3-11
Affected by 6 other vulnerabilities.
VCID-pddx-ctd3-6bbd
Aliases:
CVE-2016-0634
4.4-5
Affected by 1 other vulnerability.
VCID-pmds-1qrb-87br
Aliases:
CVE-2008-5374
Two vulnerabilities have been found in Bash, the worst of which may allow execution of arbitrary code.
4.1-3
Affected by 14 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T11:56:34.962267+00:00 Debian Oval Importer Affected by VCID-3n27-ddbb-2uc4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T11:20:50.291591+00:00 Debian Oval Importer Affected by VCID-fdzr-4k2w-8uer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:59:27.842013+00:00 Debian Oval Importer Affected by VCID-hbrj-cf36-wkh7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:53:09.932997+00:00 Debian Oval Importer Affected by VCID-p9zw-cggw-tkff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:39:55.375009+00:00 Debian Oval Importer Affected by VCID-3nzd-713w-qygu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T09:03:33.771795+00:00 Debian Oval Importer Affected by VCID-2ant-qsbm-37d9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T08:44:35.047509+00:00 Debian Oval Importer Affected by VCID-jkzr-5ga8-1kh1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T06:40:00.475261+00:00 Debian Oval Importer Affected by VCID-pddx-ctd3-6bbd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T06:30:04.665899+00:00 Debian Oval Importer Affected by VCID-9rdp-azhv-63fd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:57:51.470086+00:00 Debian Oval Importer Affected by VCID-6u87-8gdp-kff5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:55:50.988042+00:00 Debian Oval Importer Affected by VCID-d5ak-9k7x-8yew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T05:05:59.383606+00:00 Debian Oval Importer Affected by VCID-7rp9-3b3v-83hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T04:15:55.351190+00:00 Debian Oval Importer Affected by VCID-c5br-pkm3-v7a2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T04:01:20.104148+00:00 Debian Oval Importer Affected by VCID-pmds-1qrb-87br https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-13T02:50:00.929788+00:00 Debian Oval Importer Affected by VCID-6sdv-wm7w-kbd5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-12T23:36:26.839106+00:00 Debian Oval Importer Affected by VCID-hbrj-cf36-wkh7 https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:31:22.403428+00:00 Debian Oval Importer Affected by VCID-c5br-pkm3-v7a2 https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:20:58.351704+00:00 Debian Oval Importer Affected by VCID-p9zw-cggw-tkff https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0
2026-06-12T23:16:04.224603+00:00 Debian Oval Importer Affected by VCID-3nzd-713w-qygu https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.6.0