VulnerableCode Package Details - pkg:deb/debian/cron@3.0pl1-124

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/cron@3.0pl1-124

Essentials
History (4)

purl	pkg:deb/debian/cron@3.0pl1-124

Next non-vulnerable version	3.0pl1-134+deb10u1
Latest non-vulnerable version	3.0pl1-134+deb10u1
Risk	3.1

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-7eb6-yuy1-b3ey Aliases: CVE-2019-9706		3.0pl1-134+deb10u1 Affected by 0 other vulnerabilities.
VCID-a5yt-p4kb-gkcp Aliases: CVE-2017-9525	In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.	3.0pl1-134+deb10u1 Affected by 0 other vulnerabilities.
VCID-vyzp-ezhd-33dy Aliases: CVE-2019-9704		3.0pl1-134+deb10u1 Affected by 0 other vulnerabilities.
VCID-we32-zams-aqad Aliases: CVE-2019-9705		3.0pl1-134+deb10u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T11:50:31.554285+00:00	Debian Oval Importer	Affected by	VCID-we32-zams-aqad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T10:23:37.736474+00:00	Debian Oval Importer	Affected by	VCID-a5yt-p4kb-gkcp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T05:22:30.392927+00:00	Debian Oval Importer	Affected by	VCID-7eb6-yuy1-b3ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T04:37:29.065396+00:00	Debian Oval Importer	Affected by	VCID-vyzp-ezhd-33dy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0