VulnerableCode Package Details - pkg:deb/debian/pidgin@0?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-8a4f-csqh-53fu	gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.	CVE-2013-6486
VCID-mjen-7k79-vyd4	gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.	CVE-2011-3185
VCID-vu3h-hcpa-8ubp	Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.	CVE-2014-3697

Vulnerability

Summary

Aliases

VCID-8a4f-csqh-53fu

gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.

CVE-2013-6486

VCID-mjen-7k79-vyd4

gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.

CVE-2011-3185

VCID-vu3h-hcpa-8ubp

Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.

CVE-2014-3697

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:15:59.203001+00:00	Debian Importer	Fixing	VCID-8a4f-csqh-53fu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:59:54.502754+00:00	Debian Importer	Fixing	VCID-mjen-7k79-vyd4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:46:12.412630+00:00	Debian Importer	Fixing	VCID-vu3h-hcpa-8ubp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:08:09.210510+00:00	Debian Importer	Fixing	VCID-8a4f-csqh-53fu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:42:04.257498+00:00	Debian Importer	Fixing	VCID-mjen-7k79-vyd4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:53:27.645546+00:00	Debian Importer	Fixing	VCID-vu3h-hcpa-8ubp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:00.056573+00:00	Debian Importer	Fixing	VCID-vu3h-hcpa-8ubp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:59.773811+00:00	Debian Importer	Fixing	VCID-8a4f-csqh-53fu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:58.914492+00:00	Debian Importer	Fixing	VCID-mjen-7k79-vyd4	https://security-tracker.debian.org/tracker/data/json	38.1.0