VulnerableCode Package Details - pkg:deb/debian/file@1:5.22%2B15-2%2Bdeb8u4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/file@1:5.22%2B15-2%2Bdeb8u4

Essentials
History (36)

purl	pkg:deb/debian/file@1:5.22%2B15-2%2Bdeb8u4

Next non-vulnerable version	1:5.39-3+deb11u1
Latest non-vulnerable version	1:5.39-3+deb11u1
Risk	4.0

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-479u-yvtq-4qde Aliases: CVE-2017-1000249	A stack-based buffer overflow was found in file, possibly resulting in the execution of arbitrary code.	1:5.30-1+deb9u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-dn25-adac-e3cr Aliases: CVE-2022-48554	A vulnerability has been discovered in file, which could lead to a denial of service.	1:5.39-3+deb11u1 Affected by 0 other vulnerabilities.
VCID-dnwd-kqz6-p3ek Aliases: CVE-2019-8905	file: stack-based buffer over-read in do_core_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fupq-ukq7-r7ac Aliases: CVE-2019-18218	A heap-based buffer overflow in file might allow remote attackers to execute arbitrary code.	1:5.30-1+deb9u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:5.39-3+deb11u1 Affected by 0 other vulnerabilities.
VCID-p13b-2a4m-sbfx Aliases: CVE-2019-8907	file: do_core_note in readelf.c allows remote attackers to cause a denial of service	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-q9eh-jb32-xfgz Aliases: CVE-2018-10360	A vulnerability in file could lead to a Denial of Service condition.	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-t8q1-8y52-e7dp Aliases: CVE-2019-8906	file: out-of-bounds read in do_core_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zkut-a5an-r7ae Aliases: CVE-2015-8865	Multiple vulnerabilities have been found in file, the worst of which could allow remote attackers to execute arbitrary code.	1:5.30-1+deb9u3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zqgq-d1nu-qbd5 Aliases: CVE-2019-8904	file: stack-based buffer over-read in do_bid_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:04:14.458450+00:00	Debian Oval Importer	Affected by	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:33:50.732641+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:38:59.633967+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:44:27.420854+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:40:00.885273+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:32:27.651611+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:45:55.396805+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:36:46.474991+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:17:31.758980+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:48:38.283988+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:34:47.982880+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:15:22.822829+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-12T00:36:18.255445+00:00	Debian Oval Importer	Affected by	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:07:03.672702+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:13:52.160733+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:25:26.516074+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:21:06.382289+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:13:46.598266+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:32:43.413242+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:23:44.859285+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:05:51.063823+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:36:52.887517+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:23:04.887893+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T14:03:54.523493+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-09T00:06:22.799277+00:00	Debian Oval Importer	Affected by	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:38:14.782973+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:47:26.401551+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:05:58.118963+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:01:49.466619+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:54:54.411279+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:23:47.417028+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:15:29.274618+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:01:17.789955+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:10:00.760010+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T22:56:38.689482+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:38:07.797531+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0