Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gvfs@1.38.1-5
purl pkg:deb/debian/gvfs@1.38.1-5
Next non-vulnerable version 1.50.3-1+deb12u1
Latest non-vulnerable version 1.57.2-2+deb13u1
Risk 1.9
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-n7zf-vpph-nygr
Aliases:
CVE-2026-28295
gvfs: GVfs FTP backend: Information disclosure via untrusted PASV responses
1.50.3-1
Affected by 2 other vulnerabilities.
1.50.3-1+deb12u1
Affected by 0 other vulnerabilities.
1.57.2-2+deb13u1
Affected by 0 other vulnerabilities.
VCID-yxx6-d283-a7cu
Aliases:
CVE-2026-28296
gvfs: FTP GVfs backend: Arbitrary FTP command injection via CRLF sequences in file paths
1.50.3-1
Affected by 2 other vulnerabilities.
1.50.3-1+deb12u1
Affected by 0 other vulnerabilities.
1.57.2-2+deb13u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-aw2w-qkay-vycd gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password CVE-2019-3827
VCID-ex2c-73nv-wkd7 gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c CVE-2019-12447
VCID-tvv8-29d2-hugb gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges CVE-2019-12449
VCID-wgka-2er4-abd6 gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd CVE-2019-12795
VCID-wjfz-3svt-akdp gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write CVE-2019-12448

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:50:52.331561+00:00 Debian Oval Importer Fixing VCID-wjfz-3svt-akdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:44:57.641734+00:00 Debian Oval Importer Fixing VCID-tvv8-29d2-hugb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:27:50.544480+00:00 Debian Oval Importer Affected by VCID-yxx6-d283-a7cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:33:57.362770+00:00 Debian Oval Importer Fixing VCID-ex2c-73nv-wkd7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:21:53.725629+00:00 Debian Oval Importer Fixing VCID-wgka-2er4-abd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:57:45.687083+00:00 Debian Oval Importer Fixing VCID-aw2w-qkay-vycd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:33:17.148706+00:00 Debian Oval Importer Affected by VCID-n7zf-vpph-nygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T23:25:17.160831+00:00 Debian Oval Importer Fixing VCID-wjfz-3svt-akdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:19:38.058480+00:00 Debian Oval Importer Fixing VCID-tvv8-29d2-hugb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:03:11.980973+00:00 Debian Oval Importer Affected by VCID-yxx6-d283-a7cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:16:41.640292+00:00 Debian Oval Importer Fixing VCID-ex2c-73nv-wkd7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:07:03.815405+00:00 Debian Oval Importer Fixing VCID-wgka-2er4-abd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:43:37.842105+00:00 Debian Oval Importer Fixing VCID-aw2w-qkay-vycd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:19:37.411855+00:00 Debian Oval Importer Affected by VCID-n7zf-vpph-nygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:58:24.044083+00:00 Debian Oval Importer Fixing VCID-wjfz-3svt-akdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:53:00.166512+00:00 Debian Oval Importer Fixing VCID-tvv8-29d2-hugb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:37:05.033744+00:00 Debian Oval Importer Affected by VCID-yxx6-d283-a7cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:00:34.640040+00:00 Debian Oval Importer Fixing VCID-ex2c-73nv-wkd7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:53:31.008787+00:00 Debian Oval Importer Fixing VCID-wgka-2er4-abd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:30:58.156031+00:00 Debian Oval Importer Fixing VCID-aw2w-qkay-vycd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:05.105471+00:00 Debian Oval Importer Affected by VCID-n7zf-vpph-nygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0