VulnerableCode Package Details - pkg:deb/debian/gvfs@1.22.2-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-aw2w-qkay-vycd Aliases: CVE-2019-3827	gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password	1.38.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ex2c-73nv-wkd7 Aliases: CVE-2019-12447	gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c	1.38.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-n7zf-vpph-nygr Aliases: CVE-2026-28295	gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses	1.50.3-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.50.3-1+deb12u1 Affected by 0 other vulnerabilities. 1.57.2-2+deb13u1 Affected by 0 other vulnerabilities.
VCID-tvv8-29d2-hugb Aliases: CVE-2019-12449	gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges	1.38.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-wgka-2er4-abd6 Aliases: CVE-2019-12795	gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd	1.38.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-wjfz-3svt-akdp Aliases: CVE-2019-12448	gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write	1.38.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-yxx6-d283-a7cu Aliases: CVE-2026-28296	gvfs: FTP GVfs backend: Arbitrary FTP command injection via CRLF sequences in file paths	1.50.3-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.50.3-1+deb12u1 Affected by 0 other vulnerabilities. 1.57.2-2+deb13u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-aw2w-qkay-vycd
Aliases:
CVE-2019-3827

gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password

1.38.1-5
Affected by 2 other vulnerabilities.

VCID-ex2c-73nv-wkd7
Aliases:
CVE-2019-12447

gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c

1.38.1-5
Affected by 2 other vulnerabilities.

VCID-n7zf-vpph-nygr
Aliases:
CVE-2026-28295

gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses

1.50.3-1
Affected by 2 other vulnerabilities.

1.50.3-1+deb12u1
Affected by 0 other vulnerabilities.

1.57.2-2+deb13u1
Affected by 0 other vulnerabilities.

VCID-tvv8-29d2-hugb
Aliases:
CVE-2019-12449

gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges

1.38.1-5
Affected by 2 other vulnerabilities.

VCID-wgka-2er4-abd6
Aliases:
CVE-2019-12795

gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd

1.38.1-5
Affected by 2 other vulnerabilities.

VCID-wjfz-3svt-akdp
Aliases:
CVE-2019-12448

gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write

1.38.1-5
Affected by 2 other vulnerabilities.

VCID-yxx6-d283-a7cu
Aliases:
CVE-2026-28296

gvfs: FTP GVfs backend: Arbitrary FTP command injection via CRLF sequences in file paths

1.50.3-1
Affected by 2 other vulnerabilities.

1.50.3-1+deb12u1
Affected by 0 other vulnerabilities.

1.57.2-2+deb13u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:50:52.324568+00:00	Debian Oval Importer	Affected by	VCID-wjfz-3svt-akdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:44:57.634544+00:00	Debian Oval Importer	Affected by	VCID-tvv8-29d2-hugb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:27:50.536913+00:00	Debian Oval Importer	Affected by	VCID-yxx6-d283-a7cu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:33:57.354225+00:00	Debian Oval Importer	Affected by	VCID-ex2c-73nv-wkd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:21:53.718049+00:00	Debian Oval Importer	Affected by	VCID-wgka-2er4-abd6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:57:45.680647+00:00	Debian Oval Importer	Affected by	VCID-aw2w-qkay-vycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:33:17.141058+00:00	Debian Oval Importer	Affected by	VCID-n7zf-vpph-nygr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:25:17.153362+00:00	Debian Oval Importer	Affected by	VCID-wjfz-3svt-akdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:19:38.050255+00:00	Debian Oval Importer	Affected by	VCID-tvv8-29d2-hugb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:03:11.973090+00:00	Debian Oval Importer	Affected by	VCID-yxx6-d283-a7cu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:16:41.632663+00:00	Debian Oval Importer	Affected by	VCID-ex2c-73nv-wkd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:07:03.807947+00:00	Debian Oval Importer	Affected by	VCID-wgka-2er4-abd6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:43:37.833910+00:00	Debian Oval Importer	Affected by	VCID-aw2w-qkay-vycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:19:37.404447+00:00	Debian Oval Importer	Affected by	VCID-n7zf-vpph-nygr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T22:58:24.035756+00:00	Debian Oval Importer	Affected by	VCID-wjfz-3svt-akdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:53:00.157973+00:00	Debian Oval Importer	Affected by	VCID-tvv8-29d2-hugb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:37:05.025810+00:00	Debian Oval Importer	Affected by	VCID-yxx6-d283-a7cu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:00:34.630333+00:00	Debian Oval Importer	Affected by	VCID-ex2c-73nv-wkd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:53:30.999616+00:00	Debian Oval Importer	Affected by	VCID-wgka-2er4-abd6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:30:58.145737+00:00	Debian Oval Importer	Affected by	VCID-aw2w-qkay-vycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:08:05.095229+00:00	Debian Oval Importer	Affected by	VCID-n7zf-vpph-nygr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0