VulnerableCode Package Details - pkg:deb/debian/cairo@1.6.4-7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/cairo@1.6.4-7

Essentials
History (18)

purl	pkg:deb/debian/cairo@1.6.4-7

Next non-vulnerable version	1.18.4-1
Latest non-vulnerable version	1.18.4-1
Risk	4.5

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-8bnq-c161-2yaq Aliases: CVE-2018-19876	cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service	1.16.0-4+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-cadj-unsk-rubv Aliases: CVE-2016-9082	Multiple vulnerabilities were found in Cairo, the worst of which could cause a Denial of Service condition.	1.14.8-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-rzf2-bp8j-27fq Aliases: CVE-2020-35492	A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service.	1.16.0-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-s8zd-7rpb-ukct Aliases: CVE-2009-2044	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.	1.8.10-6 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vf5a-zwgr-pqg5 Aliases: CVE-2017-9814	Multiple vulnerabilities were found in Cairo, the worst of which could cause a Denial of Service condition.	1.16.0-4+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-w7a8-e349-bfdx Aliases: CVE-2016-3190	cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans	1.14.8-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:01:50.650727+00:00	Debian Oval Importer	Affected by	VCID-8bnq-c161-2yaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:48:04.534283+00:00	Debian Oval Importer	Affected by	VCID-vf5a-zwgr-pqg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:33:11.891743+00:00	Debian Oval Importer	Affected by	VCID-rzf2-bp8j-27fq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:16:17.601034+00:00	Debian Oval Importer	Affected by	VCID-w7a8-e349-bfdx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:29:15.146167+00:00	Debian Oval Importer	Affected by	VCID-cadj-unsk-rubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:29:15.077510+00:00	Debian Oval Importer	Affected by	VCID-s8zd-7rpb-ukct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:34:00.015063+00:00	Debian Oval Importer	Affected by	VCID-8bnq-c161-2yaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:22:36.282550+00:00	Debian Oval Importer	Affected by	VCID-vf5a-zwgr-pqg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:08:18.647971+00:00	Debian Oval Importer	Affected by	VCID-rzf2-bp8j-27fq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:52:00.276261+00:00	Debian Oval Importer	Affected by	VCID-w7a8-e349-bfdx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:06:20.057768+00:00	Debian Oval Importer	Affected by	VCID-cadj-unsk-rubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:17:20.111044+00:00	Debian Oval Importer	Affected by	VCID-s8zd-7rpb-ukct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-09T00:04:12.611926+00:00	Debian Oval Importer	Affected by	VCID-8bnq-c161-2yaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:55:51.270525+00:00	Debian Oval Importer	Affected by	VCID-vf5a-zwgr-pqg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:41:59.489857+00:00	Debian Oval Importer	Affected by	VCID-rzf2-bp8j-27fq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:26:32.333646+00:00	Debian Oval Importer	Affected by	VCID-w7a8-e349-bfdx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:43:09.960235+00:00	Debian Oval Importer	Affected by	VCID-cadj-unsk-rubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:12:05.274108+00:00	Debian Oval Importer	Affected by	VCID-s8zd-7rpb-ukct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0