VulnerableCode Package Details - pkg:deb/debian/newlib@4.4.0.20231231-2?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/newlib@4.4.0.20231231-2?distro=trixie

purl	pkg:deb/debian/newlib@4.4.0.20231231-2?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-cztw-ay3e-cfeq	newlib: arbitrary code execution via the time unit scaling in the _gettimeofday function	CVE-2024-30949
VCID-pw8g-an3z-jydv	A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow.	CVE-2021-3420

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-03T07:46:57.742792+00:00	Debian Importer	Fixing	VCID-cztw-ay3e-cfeq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:46:57.696914+00:00	Debian Importer	Fixing	VCID-pw8g-an3z-jydv	https://security-tracker.debian.org/tracker/data/json	38.1.0