Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/dpkg@1.18.24?distro=trixie
purl pkg:deb/debian/dpkg@1.18.24?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-e1fu-mzvj-xydx dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD. CVE-2017-8283

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:30:28.490145+00:00 Debian Importer Fixing VCID-e1fu-mzvj-xydx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:05:35.333163+00:00 Debian Importer Fixing VCID-e1fu-mzvj-xydx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:08:23.954380+00:00 Debian Importer Fixing VCID-e1fu-mzvj-xydx https://security-tracker.debian.org/tracker/data/json 38.1.0