VulnerableCode Package Details - pkg:deb/debian/gpsd@2.95-8

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/gpsd@2.95-8

Essentials
History (4)

purl	pkg:deb/debian/gpsd@2.95-8

Next non-vulnerable version	3.22-4.1+deb12u1
Latest non-vulnerable version	3.22-4.1+deb12u1
Risk	4.4

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-3hfb-xp7n-ayf7 Aliases: CVE-2013-2038	The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.	3.9-3~bpo70+1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-4v9g-qxw8-d7ct Aliases: CVE-2018-17937	Improper Restriction of Operations within the Bounds of a Memory Buffer A stack-based buffer overflow may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port/TCP or crafted JSON inputs.	3.17-7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pv58-9n2y-y7ab Aliases: CVE-2025-67268	gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling	3.22-4.1+deb12u1 Affected by 0 other vulnerabilities.
VCID-tgfy-9k4r-ufcr Aliases: CVE-2025-67269	gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing	3.22-4.1+deb12u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T09:14:30.215712+00:00	Debian Oval Importer	Affected by	VCID-tgfy-9k4r-ufcr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-06T08:04:01.597338+00:00	Debian Oval Importer	Affected by	VCID-pv58-9n2y-y7ab	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-06T03:41:41.515164+00:00	Debian Oval Importer	Affected by	VCID-4v9g-qxw8-d7ct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-06T00:54:12.133560+00:00	Debian Oval Importer	Affected by	VCID-3hfb-xp7n-ayf7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0