Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/cyrus-sasl2@2.1.23.dfsg1-7
purl pkg:deb/debian/cyrus-sasl2@2.1.23.dfsg1-7
Next non-vulnerable version 2.1.27+dfsg-2.1+deb11u1
Latest non-vulnerable version 2.1.27+dfsg-2.1+deb11u1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-2hdg-fauv-7bhv
Aliases:
CVE-2013-4122
A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition.
2.1.26.dfsg1-13+deb8u1
Affected by 3 other vulnerabilities.
2.1.27~101-g0780600+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.
VCID-ca3b-g7k5-yucm
Aliases:
CVE-2019-19906
security update
2.1.27~101-g0780600+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.
2.1.27+dfsg-1+deb10u2
Affected by 2 other vulnerabilities.
2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.
VCID-ukce-7qpu-c7cm
Aliases:
CVE-2022-24407
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
2.1.27+dfsg-1+deb10u2
Affected by 2 other vulnerabilities.
2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-fthp-w8mb-nkgr A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL. CVE-2009-0688

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T20:06:59.095141+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:21:40.735710+00:00 Debian Oval Importer Fixing VCID-fthp-w8mb-nkgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:13:54.003967+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:39:49.211203+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:08:29.786699+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T15:05:04.559935+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:26:34.406640+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-15T14:01:52.086604+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-11T19:48:35.023041+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:06:51.620083+00:00 Debian Oval Importer Fixing VCID-fthp-w8mb-nkgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:00:29.212348+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:26:44.318080+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:56:46.948434+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:53:22.060338+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:14:54.111330+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-11T13:50:29.285766+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-08T19:31:15.091217+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:53:19.194996+00:00 Debian Oval Importer Fixing VCID-fthp-w8mb-nkgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:49:57.952776+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:18:16.108656+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T23:28:55.564023+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:25:50.706933+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T22:48:43.650928+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0
2026-04-07T22:25:42.209265+00:00 Debian Oval Importer Affected by VCID-2hdg-fauv-7bhv https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0