Search for packages
| purl | pkg:deb/debian/dpkg@1.17.25 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-e1fu-mzvj-xydx
Aliases: CVE-2017-8283 |
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD. |
Affected by 1 other vulnerability. |
|
VCID-strx-c9sj-9bbb
Aliases: CVE-2015-0860 |
A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution. |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-xxdx-hfvz-tfaf
Aliases: CVE-2022-1664 |
A vulnerability has been discovered in dpkg, which allows for directory traversal. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-umm6-cgs8-pyg3 | Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. |
CVE-2014-8625
|
| VCID-zypq-un6n-eugq | security update |
CVE-2015-0840
|