VulnerableCode Package Details - pkg:deb/debian/netsurf@2.9-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/netsurf@2.9-2

Essentials
History (18)

purl	pkg:deb/debian/netsurf@2.9-2

Next non-vulnerable version	3.6-3.1
Latest non-vulnerable version	3.6-3.1
Risk	7.8

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-du81-6y36-tucd Aliases: CVE-2015-7506	The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.	3.6-3.1 Affected by 0 other vulnerabilities.
VCID-g13j-r71a-ubfb Aliases: CVE-2015-7508	Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.	3.6-3.1 Affected by 0 other vulnerabilities.
VCID-t8zz-gpdg-4bbm Aliases: CVE-2015-7505	Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.	3.6-3.1 Affected by 0 other vulnerabilities.
VCID-wvuu-zw8y-17hg Aliases: CVE-2015-7507	libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.	3.6-3.1 Affected by 0 other vulnerabilities.
VCID-xap5-djda-2uem Aliases: CVE-2014-3566	Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components.	3.6-3.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-mxk3-5172-nqhh	Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.	CVE-2012-0844

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:42:00.084310+00:00	Debian Oval Importer	Affected by	VCID-du81-6y36-tucd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:41:07.489714+00:00	Debian Oval Importer	Affected by	VCID-xap5-djda-2uem	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:49:36.774395+00:00	Debian Oval Importer	Affected by	VCID-wvuu-zw8y-17hg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:02:03.416641+00:00	Debian Oval Importer	Fixing	VCID-mxk3-5172-nqhh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:04:23.969588+00:00	Debian Oval Importer	Affected by	VCID-t8zz-gpdg-4bbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:31:37.359881+00:00	Debian Oval Importer	Affected by	VCID-g13j-r71a-ubfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:14:49.049825+00:00	Debian Oval Importer	Affected by	VCID-du81-6y36-tucd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:13:58.360499+00:00	Debian Oval Importer	Affected by	VCID-xap5-djda-2uem	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:26:06.595829+00:00	Debian Oval Importer	Affected by	VCID-wvuu-zw8y-17hg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:46:06.485960+00:00	Debian Oval Importer	Fixing	VCID-mxk3-5172-nqhh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:50:06.380091+00:00	Debian Oval Importer	Affected by	VCID-t8zz-gpdg-4bbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:18:42.203071+00:00	Debian Oval Importer	Affected by	VCID-g13j-r71a-ubfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:45:46.712104+00:00	Debian Oval Importer	Affected by	VCID-du81-6y36-tucd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:44:57.490112+00:00	Debian Oval Importer	Affected by	VCID-xap5-djda-2uem	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:01:57.226453+00:00	Debian Oval Importer	Affected by	VCID-wvuu-zw8y-17hg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:31:07.447796+00:00	Debian Oval Importer	Fixing	VCID-mxk3-5172-nqhh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:37:15.634347+00:00	Debian Oval Importer	Affected by	VCID-t8zz-gpdg-4bbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:10:44.974268+00:00	Debian Oval Importer	Affected by	VCID-g13j-r71a-ubfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0