Search for packages
| purl | pkg:deb/debian/dpkg@1.10.28 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1vu9-xzw9-kfe2
Aliases: CVE-2005-2096 |
zlib DoS |
Affected by 13 other vulnerabilities. |
|
VCID-7stw-fbe7-p3am
Aliases: CVE-2014-3864 |
security update |
Affected by 10 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-9vsz-8751-wkgm
Aliases: CVE-2014-3127 |
security update |
Affected by 10 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-bx4a-22qt-qyg9
Aliases: CVE-2014-0471 |
security update |
Affected by 10 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-e1fu-mzvj-xydx
Aliases: CVE-2017-8283 |
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD. |
Affected by 1 other vulnerability. |
|
VCID-m1j5-hyhj-xyb4
Aliases: CVE-2010-0396 |
dpkg: path traversal issue |
Affected by 10 other vulnerabilities. |
|
VCID-m649-my8s-eqgk
Aliases: CVE-2014-3865 |
security update |
Affected by 10 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-qpz9-gs1s-ffd3
Aliases: CVE-2014-3227 |
security update |
Affected by 10 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-r8g2-smun-abgv
Aliases: CVE-2010-1679 |
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package. |
Affected by 10 other vulnerabilities. |
|
VCID-strx-c9sj-9bbb
Aliases: CVE-2015-0860 |
A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution. |
Affected by 10 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-uf6j-uvg9-63d6
Aliases: CVE-2011-0402 |
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory. |
Affected by 10 other vulnerabilities. |
|
VCID-umm6-cgs8-pyg3
Aliases: CVE-2014-8625 |
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. |
Affected by 3 other vulnerabilities. |
|
VCID-xxdx-hfvz-tfaf
Aliases: CVE-2022-1664 |
A vulnerability has been discovered in dpkg, which allows for directory traversal. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-zypq-un6n-eugq
Aliases: CVE-2015-0840 |
security update |
Affected by 10 other vulnerabilities. Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g22y-46dt-syd5 | dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059. |
CVE-2004-2768
|