Search for packages
| purl | pkg:deb/debian/krb5@1.17-3%2Bdeb10u4 |
| Next non-vulnerable version | 1.20.1-2+deb12u4 |
| Latest non-vulnerable version | 1.20.1-2+deb12u4 |
| Risk | 4.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3362-hawt-17ek
Aliases: CVE-2025-3576 |
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions |
Affected by 0 other vulnerabilities. |
|
VCID-3du2-evy8-jfa1
Aliases: CVE-2022-42898 |
Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. |
Affected by 2 other vulnerabilities. |
|
VCID-8yk4-du7p-eue4
Aliases: CVE-2021-36222 |
Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. |
Affected by 2 other vulnerabilities. |
|
VCID-97k8-xbsv-87da
Aliases: CVE-2024-37371 |
krb5: GSS message token handling |
Affected by 2 other vulnerabilities. |
|
VCID-bwpn-qxzd-43g8
Aliases: CVE-2023-36054 |
Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. |
Affected by 2 other vulnerabilities. |
|
VCID-h9q8-x3n3-6qdn
Aliases: CVE-2020-28196 |
A vulnerability in MIT Kerberos 5 could lead to a Denial of Service condition. |
Affected by 2 other vulnerabilities. |
|
VCID-khdw-3p5j-vya6
Aliases: CVE-2025-24528 |
krb5: overflow when calculating ulog block size |
Affected by 0 other vulnerabilities. |
|
VCID-w6yc-w573-vbhy
Aliases: CVE-2024-37370 |
krb5: GSS message token handling |
Affected by 2 other vulnerabilities. |
|
VCID-zw66-w86u-cuge
Aliases: CVE-2021-37750 |
Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2r88-c5e9-vffv | krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data |
CVE-2018-5729
|
| VCID-8yk4-du7p-eue4 | Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. |
CVE-2021-36222
|
| VCID-985p-gnv3-mfd8 | krb5: DN container check bypass by supplying special crafted data |
CVE-2018-5730
|
| VCID-9hyk-mdvc-1baq | krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure |
CVE-2017-11368
|
| VCID-fd9s-vn5s-gud6 | krb5: Reachable assertion in the KDC using S4U2Self requests |
CVE-2018-20217
|
| VCID-h9q8-x3n3-6qdn | A vulnerability in MIT Kerberos 5 could lead to a Denial of Service condition. |
CVE-2020-28196
|
| VCID-qcva-cb6c-wyds | krb5: Automatic sec context deletion could lead to double-free |
CVE-2017-11462
|
| VCID-r1wa-3gtw-1qey | krb5: Buffer overflow in get_matching_data() |
CVE-2017-15088
|
| VCID-zx87-dep4-8bg2 | krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c |
CVE-2018-5710
|