VulnerableCode Package Details - pkg:deb/debian/gnumeric@1.12.55-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2kke-w7x2-5yaw	Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.	CVE-2008-0668
VCID-8c6b-6hbz-y3hc	Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.	CVE-2013-6836
VCID-jnt2-3jj4-17cw	An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.	CVE-2009-0318
VCID-v2g6-h93b-euer	An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.	CVE-2005-2491

Vulnerability

Summary

Aliases

VCID-2kke-w7x2-5yaw

Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.

CVE-2008-0668

VCID-8c6b-6hbz-y3hc

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

CVE-2013-6836

VCID-jnt2-3jj4-17cw

An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.

CVE-2009-0318

VCID-v2g6-h93b-euer

An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.

CVE-2005-2491

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:11:29.466033+00:00	Debian Importer	Fixing	VCID-2kke-w7x2-5yaw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:27:20.824480+00:00	Debian Importer	Fixing	VCID-8c6b-6hbz-y3hc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:56:27.243596+00:00	Debian Importer	Fixing	VCID-jnt2-3jj4-17cw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:37:44.683777+00:00	Debian Importer	Fixing	VCID-v2g6-h93b-euer	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:04:39.062401+00:00	Debian Importer	Fixing	VCID-2kke-w7x2-5yaw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:31:32.916195+00:00	Debian Importer	Fixing	VCID-8c6b-6hbz-y3hc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:09:01.832484+00:00	Debian Importer	Fixing	VCID-jnt2-3jj4-17cw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:11:03.364657+00:00	Debian Importer	Fixing	VCID-v2g6-h93b-euer	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:25:30.371174+00:00	Debian Importer	Fixing	VCID-8c6b-6hbz-y3hc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:25:30.332421+00:00	Debian Importer	Fixing	VCID-jnt2-3jj4-17cw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:25:30.294785+00:00	Debian Importer	Fixing	VCID-2kke-w7x2-5yaw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:25:30.253772+00:00	Debian Importer	Fixing	VCID-v2g6-h93b-euer	https://security-tracker.debian.org/tracker/data/json	38.1.0