Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/cyrus-sasl2@2.1.27%2Bdfsg-1%2Bdeb10u2
purl pkg:deb/debian/cyrus-sasl2@2.1.27%2Bdfsg-1%2Bdeb10u2
Next non-vulnerable version 2.1.27+dfsg-2.1+deb11u1
Latest non-vulnerable version 2.1.27+dfsg-2.1+deb11u1
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-ca3b-g7k5-yucm
Aliases:
CVE-2019-19906
security update
2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.
VCID-ukce-7qpu-c7cm
Aliases:
CVE-2022-24407
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
2.1.27+dfsg-2.1+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-ca3b-g7k5-yucm security update CVE-2019-19906
VCID-ukce-7qpu-c7cm Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T17:13:54.020098+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:39:49.228041+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:08:29.804482+00:00 Debian Oval Importer Fixing VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T15:05:04.576471+00:00 Debian Oval Importer Fixing VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-11T17:00:29.234240+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:26:44.336074+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:56:46.968922+00:00 Debian Oval Importer Fixing VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:53:22.080530+00:00 Debian Oval Importer Fixing VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-08T16:49:57.972399+00:00 Debian Oval Importer Affected by VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:18:16.128290+00:00 Debian Oval Importer Affected by VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T23:28:55.573681+00:00 Debian Oval Importer Fixing VCID-ukce-7qpu-c7cm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:25:50.716218+00:00 Debian Oval Importer Fixing VCID-ca3b-g7k5-yucm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0