VulnerableCode Package Details - pkg:deb/debian/dpkg@1.17.27

Search for packages

Vulnerability	Summary	Fixed by
VCID-e1fu-mzvj-xydx Aliases: CVE-2017-8283	dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.	1.18.24 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-strx-c9sj-9bbb Aliases: CVE-2015-0860	A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution.	1.18.24 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xxdx-hfvz-tfaf Aliases: CVE-2022-1664	A vulnerability has been discovered in dpkg, which allows for directory traversal.	1.19.8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.20.13 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-e1fu-mzvj-xydx
Aliases:
CVE-2017-8283

dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.

1.18.24
Affected by 1 other vulnerability.

VCID-strx-c9sj-9bbb
Aliases:
CVE-2015-0860

A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution.

1.18.24
Affected by 1 other vulnerability.

VCID-xxdx-hfvz-tfaf
Aliases:
CVE-2022-1664

A vulnerability has been discovered in dpkg, which allows for directory traversal.

1.19.8
Affected by 1 other vulnerability.

1.20.13
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-strx-c9sj-9bbb	A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution.	CVE-2015-0860

Vulnerability

Summary

Aliases

VCID-strx-c9sj-9bbb

A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution.

CVE-2015-0860

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:19:15.105528+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:04:08.644630+00:00	Debian Oval Importer	Affected by	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:42:38.776147+00:00	Debian Oval Importer	Affected by	VCID-e1fu-mzvj-xydx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:59:54.538802+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T13:27:46.027804+00:00	Debian Oval Importer	Fixing	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:52:52.925381+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:42:12.908157+00:00	Debian Oval Importer	Affected by	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:23:41.144236+00:00	Debian Oval Importer	Affected by	VCID-e1fu-mzvj-xydx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:48:10.023507+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T13:16:28.419109+00:00	Debian Oval Importer	Fixing	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T23:24:48.407918+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:20:06.107210+00:00	Debian Oval Importer	Affected by	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:04:17.198838+00:00	Debian Oval Importer	Affected by	VCID-e1fu-mzvj-xydx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:20:55.203270+00:00	Debian Oval Importer	Affected by	VCID-xxdx-hfvz-tfaf	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T21:52:25.623214+00:00	Debian Oval Importer	Fixing	VCID-strx-c9sj-9bbb	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0