VulnerableCode Package Details - pkg:deb/debian/flightgear@3.0.0-5%2Bdeb8u3

Search for packages

Vulnerability	Summary	Fixed by
VCID-7q3y-2xqq-xyeb Aliases: CVE-2017-13709	In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.	1:2018.3.2+dfsg-2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9ewn-73tt-dbbp Aliases: CVE-2017-8921	In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956.	1:2016.4.4+dfsg-3+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-f7c9-mtg5-73d2 Aliases: CVE-2025-0781	An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.	1:2020.3.16+dfsg-1+deb12u1 Affected by 0 other vulnerabilities.
VCID-jvuk-8u9v-wyfy Aliases: CVE-2016-9956	security update	1:2016.4.4+dfsg-3+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-7q3y-2xqq-xyeb
Aliases:
CVE-2017-13709

In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.

1:2018.3.2+dfsg-2
Affected by 1 other vulnerability.

VCID-9ewn-73tt-dbbp
Aliases:
CVE-2017-8921

In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956.

1:2016.4.4+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.

VCID-f7c9-mtg5-73d2
Aliases:
CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.

1:2020.3.16+dfsg-1+deb12u1
Affected by 0 other vulnerabilities.

VCID-jvuk-8u9v-wyfy
Aliases:
CVE-2016-9956

security update

1:2016.4.4+dfsg-3+deb9u1
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-jvuk-8u9v-wyfy	security update	CVE-2016-9956

Vulnerability

Summary

Aliases

VCID-jvuk-8u9v-wyfy

security update

CVE-2016-9956

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:42:21.143086+00:00	Debian Oval Importer	Affected by	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:04:15.575943+00:00	Debian Oval Importer	Affected by	VCID-f7c9-mtg5-73d2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:58:51.171446+00:00	Debian Oval Importer	Affected by	VCID-9ewn-73tt-dbbp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:48:06.650271+00:00	Debian Oval Importer	Affected by	VCID-7q3y-2xqq-xyeb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:40:48.730167+00:00	Debian Oval Importer	Fixing	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:17:06.685253+00:00	Debian Oval Importer	Affected by	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:44:21.076580+00:00	Debian Oval Importer	Affected by	VCID-f7c9-mtg5-73d2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:39:10.553963+00:00	Debian Oval Importer	Affected by	VCID-9ewn-73tt-dbbp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:34:52.957496+00:00	Debian Oval Importer	Affected by	VCID-7q3y-2xqq-xyeb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:29:31.467020+00:00	Debian Oval Importer	Fixing	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T22:50:33.490949+00:00	Debian Oval Importer	Affected by	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:24:13.589963+00:00	Debian Oval Importer	Affected by	VCID-f7c9-mtg5-73d2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:19:12.995064+00:00	Debian Oval Importer	Affected by	VCID-9ewn-73tt-dbbp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:25:46.946259+00:00	Debian Oval Importer	Affected by	VCID-7q3y-2xqq-xyeb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T22:05:14.925755+00:00	Debian Oval Importer	Fixing	VCID-jvuk-8u9v-wyfy	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0