VulnerableCode Package Details - pkg:deb/debian/file@1:5.30-1%2Bdeb9u3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/file@1:5.30-1%2Bdeb9u3

Essentials
History (36)

purl	pkg:deb/debian/file@1:5.30-1%2Bdeb9u3

Next non-vulnerable version	1:5.39-3+deb11u1
Latest non-vulnerable version	1:5.39-3+deb11u1
Risk	4.0

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-479u-yvtq-4qde Aliases: CVE-2017-1000249	A stack-based buffer overflow was found in file, possibly resulting in the execution of arbitrary code.	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-dn25-adac-e3cr Aliases: CVE-2022-48554	A vulnerability has been discovered in file, which could lead to a denial of service.	1:5.39-3+deb11u1 Affected by 0 other vulnerabilities.
VCID-dnwd-kqz6-p3ek Aliases: CVE-2019-8905	file: stack-based buffer over-read in do_core_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fupq-ukq7-r7ac Aliases: CVE-2019-18218	A heap-based buffer overflow in file might allow remote attackers to execute arbitrary code.	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:5.39-3+deb11u1 Affected by 0 other vulnerabilities.
VCID-p13b-2a4m-sbfx Aliases: CVE-2019-8907	file: do_core_note in readelf.c allows remote attackers to cause a denial of service	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-q9eh-jb32-xfgz Aliases: CVE-2018-10360	A vulnerability in file could lead to a Denial of Service condition.	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-t8q1-8y52-e7dp Aliases: CVE-2019-8906	file: out-of-bounds read in do_core_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zqgq-d1nu-qbd5 Aliases: CVE-2019-8904	file: stack-based buffer over-read in do_bid_note in readelf.c	1:5.35-4+deb10u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-479u-yvtq-4qde	A stack-based buffer overflow was found in file, possibly resulting in the execution of arbitrary code.	CVE-2017-1000249
VCID-fupq-ukq7-r7ac	A heap-based buffer overflow in file might allow remote attackers to execute arbitrary code.	CVE-2019-18218
VCID-zkut-a5an-r7ae	Multiple vulnerabilities have been found in file, the worst of which could allow remote attackers to execute arbitrary code.	CVE-2015-8865

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:04:14.462291+00:00	Debian Oval Importer	Fixing	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:33:50.736255+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:38:59.638146+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:44:27.424279+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:40:00.889290+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:32:27.655216+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:45:55.400518+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:36:46.478569+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:17:31.762276+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:48:38.287429+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:34:47.986230+00:00	Debian Oval Importer	Fixing	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:15:22.826223+00:00	Debian Oval Importer	Fixing	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-12T00:36:18.259018+00:00	Debian Oval Importer	Fixing	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:07:03.676728+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:13:52.164592+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:25:26.520301+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:21:06.386411+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:13:46.602292+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:32:43.417254+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:23:44.863395+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:05:51.068203+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:36:52.891603+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:23:04.892075+00:00	Debian Oval Importer	Fixing	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T14:03:54.527850+00:00	Debian Oval Importer	Fixing	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-09T00:06:22.803818+00:00	Debian Oval Importer	Fixing	VCID-zkut-a5an-r7ae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:38:14.787197+00:00	Debian Oval Importer	Affected by	VCID-q9eh-jb32-xfgz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:47:26.405853+00:00	Debian Oval Importer	Affected by	VCID-t8q1-8y52-e7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:05:58.123275+00:00	Debian Oval Importer	Affected by	VCID-p13b-2a4m-sbfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:01:49.475040+00:00	Debian Oval Importer	Affected by	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:54:54.415863+00:00	Debian Oval Importer	Affected by	VCID-zqgq-d1nu-qbd5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:23:47.421668+00:00	Debian Oval Importer	Affected by	VCID-dn25-adac-e3cr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:15:29.279658+00:00	Debian Oval Importer	Affected by	VCID-dnwd-kqz6-p3ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:01:17.794566+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:10:00.764894+00:00	Debian Oval Importer	Affected by	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T22:56:38.693698+00:00	Debian Oval Importer	Fixing	VCID-479u-yvtq-4qde	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:38:07.800103+00:00	Debian Oval Importer	Fixing	VCID-fupq-ukq7-r7ac	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0