Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/chafa@1.6.0-1
purl pkg:deb/debian/chafa@1.6.0-1
Next non-vulnerable version 1.12.4-1
Latest non-vulnerable version 1.12.4-1
Risk
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-1n27-hpr9-fygp
Aliases:
CVE-2022-2301
Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3.
1.12.4-1
Affected by 0 other vulnerabilities.
VCID-2216-b4pe-1kga
Aliases:
CVE-2022-1507
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.
1.12.4-1
Affected by 0 other vulnerabilities.
VCID-fp5f-x7nh-xfdy
Aliases:
CVE-2022-2061
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.
1.12.4-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T01:54:36.500221+00:00 Debian Importer Affected by VCID-2216-b4pe-1kga https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-13T01:08:43.626692+00:00 Debian Importer Affected by VCID-1n27-hpr9-fygp https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-13T00:25:33.095710+00:00 Debian Importer Affected by VCID-fp5f-x7nh-xfdy https://security-tracker.debian.org/tracker/data/json 38.6.0