VulnerableCode Package Details - pkg:deb/debian/cyrus-sasl2@2.1.22.dfsg1-8

Search for packages

Vulnerability	Summary	Fixed by
VCID-2hdg-fauv-7bhv Aliases: CVE-2013-4122	A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition.	2.1.26.dfsg1-13+deb8u1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.1.27~101-g0780600+dfsg-3+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ca3b-g7k5-yucm Aliases: CVE-2019-19906	security update	2.1.27~101-g0780600+dfsg-3+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.1.27+dfsg-1+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.1.27+dfsg-2.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-fthp-w8mb-nkgr Aliases: CVE-2009-0688	A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL.	2.1.23.dfsg1-7 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ukce-7qpu-c7cm Aliases: CVE-2022-24407	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.	2.1.27+dfsg-1+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.1.27+dfsg-2.1+deb11u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2hdg-fauv-7bhv
Aliases:
CVE-2013-4122

A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition.

2.1.26.dfsg1-13+deb8u1
Affected by 3 other vulnerabilities.

2.1.27~101-g0780600+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.

VCID-ca3b-g7k5-yucm
Aliases:
CVE-2019-19906

security update

2.1.27~101-g0780600+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.

2.1.27+dfsg-1+deb10u2
Affected by 2 other vulnerabilities.

2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.

VCID-fthp-w8mb-nkgr
Aliases:
CVE-2009-0688

A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL.

2.1.23.dfsg1-7
Affected by 3 other vulnerabilities.

VCID-ukce-7qpu-c7cm
Aliases:
CVE-2022-24407

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

2.1.27+dfsg-1+deb10u2
Affected by 2 other vulnerabilities.

2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ymyx-w5ve-gkgh	Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could lead to a Denial of Service.	CVE-2006-1721

Vulnerability

Summary

Aliases

VCID-ymyx-w5ve-gkgh

Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could lead to a Denial of Service.

CVE-2006-1721

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:04:57.207713+00:00	Debian Oval Importer	Fixing	VCID-ymyx-w5ve-gkgh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:06:59.083514+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:21:40.724570+00:00	Debian Oval Importer	Affected by	VCID-fthp-w8mb-nkgr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:13:53.993987+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:39:49.200858+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:08:29.776065+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T15:05:04.549688+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:26:34.396529+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:01:52.076262+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T21:42:59.579231+00:00	Debian Oval Importer	Fixing	VCID-ymyx-w5ve-gkgh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:48:34.998894+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:06:51.608018+00:00	Debian Oval Importer	Affected by	VCID-fthp-w8mb-nkgr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:00:29.200128+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:26:44.306526+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:56:46.936439+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:53:22.048317+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:14:54.097409+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:50:29.275215+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T21:20:51.710532+00:00	Debian Oval Importer	Fixing	VCID-ymyx-w5ve-gkgh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:31:15.078983+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:53:19.173034+00:00	Debian Oval Importer	Affected by	VCID-fthp-w8mb-nkgr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:49:57.941601+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:18:16.094505+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:28:55.557112+00:00	Debian Oval Importer	Affected by	VCID-ukce-7qpu-c7cm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T23:25:50.701831+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T22:48:43.637833+00:00	Debian Oval Importer	Affected by	VCID-ca3b-g7k5-yucm	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:25:42.201811+00:00	Debian Oval Importer	Affected by	VCID-2hdg-fauv-7bhv	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0