VulnerableCode Package Details - pkg:deb/debian/pound@3.0-2?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4mqa-bkha-kbaj	security update	CVE-2012-4929
VCID-5dgw-xn7k-77br	Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.	CVE-2005-3751
VCID-9pjk-kxgp-h7hc	Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.	CVE-2016-10711
VCID-drv6-nz1y-ffdr	Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.	CVE-2018-21245
VCID-e1yx-dxa6-1bba	Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.	CVE-2011-3389
VCID-hy5s-zgt5-wfch	Pound is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.	CVE-2005-1391
VCID-jau7-gfz8-dkfa	The renegotiation vulnerability in SSL protocol	CVE-2009-3555 GHSA-f7w7-6pjc-wwm6 VU#120541
VCID-x6gh-z1hn-qbc3	There is a format string flaw in Pound, allowing remote execution of arbitrary code with the rights of the Pound process.	CVE-2004-2026
VCID-xap5-djda-2uem	Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components.	CVE-2014-3566

Vulnerability

Summary

Aliases

VCID-4mqa-bkha-kbaj

security update

CVE-2012-4929

VCID-5dgw-xn7k-77br

Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.

CVE-2005-3751

VCID-9pjk-kxgp-h7hc

Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.

CVE-2016-10711

VCID-drv6-nz1y-ffdr

Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.

CVE-2018-21245

VCID-e1yx-dxa6-1bba

Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.

CVE-2011-3389

VCID-hy5s-zgt5-wfch

Pound is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.

CVE-2005-1391

VCID-jau7-gfz8-dkfa

The renegotiation vulnerability in SSL protocol

CVE-2009-3555
GHSA-f7w7-6pjc-wwm6
VU#120541

VCID-x6gh-z1hn-qbc3

There is a format string flaw in Pound, allowing remote execution of arbitrary code with the rights of the Pound process.

CVE-2004-2026

VCID-xap5-djda-2uem

Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components.

CVE-2014-3566

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-13T07:28:47.811966+00:00	Debian Importer	Fixing	VCID-xap5-djda-2uem	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:26:05.577236+00:00	Debian Importer	Fixing	VCID-5dgw-xn7k-77br	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:19:07.777303+00:00	Debian Importer	Fixing	VCID-jau7-gfz8-dkfa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:02:49.384958+00:00	Debian Importer	Fixing	VCID-hy5s-zgt5-wfch	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:40.320234+00:00	Debian Importer	Fixing	VCID-9pjk-kxgp-h7hc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:30:00.925618+00:00	Debian Importer	Fixing	VCID-drv6-nz1y-ffdr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:25:30.790714+00:00	Debian Importer	Fixing	VCID-x6gh-z1hn-qbc3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:57:27.541552+00:00	Debian Importer	Fixing	VCID-4mqa-bkha-kbaj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:57:20.438384+00:00	Debian Importer	Fixing	VCID-e1yx-dxa6-1bba	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:17.495355+00:00	Debian Importer	Fixing	VCID-drv6-nz1y-ffdr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.456341+00:00	Debian Importer	Fixing	VCID-9pjk-kxgp-h7hc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.414482+00:00	Debian Importer	Fixing	VCID-xap5-djda-2uem	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.372555+00:00	Debian Importer	Fixing	VCID-4mqa-bkha-kbaj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.334959+00:00	Debian Importer	Fixing	VCID-e1yx-dxa6-1bba	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.295436+00:00	Debian Importer	Fixing	VCID-jau7-gfz8-dkfa	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.257689+00:00	Debian Importer	Fixing	VCID-5dgw-xn7k-77br	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.210491+00:00	Debian Importer	Fixing	VCID-hy5s-zgt5-wfch	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:17.170047+00:00	Debian Importer	Fixing	VCID-x6gh-z1hn-qbc3	https://security-tracker.debian.org/tracker/data/json	38.1.0