Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gnumeric@1.10.8-1squeeze5
purl pkg:deb/debian/gnumeric@1.10.8-1squeeze5
Next non-vulnerable version 1.12.18-2
Latest non-vulnerable version 1.12.18-2
Risk
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-8c6b-6hbz-y3hc
Aliases:
CVE-2013-6836
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.
1.12.18-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-jnt2-3jj4-17cw An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code. CVE-2009-0318

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T18:55:24.608044+00:00 Debian Oval Importer Fixing VCID-jnt2-3jj4-17cw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:30:00.090076+00:00 Debian Oval Importer Affected by VCID-8c6b-6hbz-y3hc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T18:39:41.377570+00:00 Debian Oval Importer Fixing VCID-jnt2-3jj4-17cw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:16:25.538775+00:00 Debian Oval Importer Affected by VCID-8c6b-6hbz-y3hc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T18:24:51.841887+00:00 Debian Oval Importer Fixing VCID-jnt2-3jj4-17cw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:05:01.986254+00:00 Debian Oval Importer Affected by VCID-8c6b-6hbz-y3hc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0