VulnerableCode Package Details - pkg:deb/debian/e2fsprogs@1.27-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/e2fsprogs@1.27-2

Essentials
History (2)

purl	pkg:deb/debian/e2fsprogs@1.27-2

Next non-vulnerable version	1.42.5-1.1+deb7u1
Latest non-vulnerable version	1.42.5-1.1+deb7u1
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-eswx-swxn-2bgc Aliases: CVE-2015-1572	Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.	1.42.5-1.1+deb7u1 Affected by 0 other vulnerabilities.
VCID-xqqb-ht8y-zbb6 Aliases: CVE-2015-0247	Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.	1.42.5-1.1+deb7u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T20:38:02.097300+00:00	Debian Oval Importer	Affected by	VCID-eswx-swxn-2bgc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.6.0
2026-06-04T20:27:00.043669+00:00	Debian Oval Importer	Affected by	VCID-xqqb-ht8y-zbb6	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.6.0