VulnerableCode Package Details - pkg:deb/debian/xml-security-c@1.2.1-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/xml-security-c@1.2.1-3

Essentials
History (41)

purl	pkg:deb/debian/xml-security-c@1.2.1-3

Next non-vulnerable version	1.7.3-4+deb9u3
Latest non-vulnerable version	1.7.3-4+deb9u3
Risk	3.1

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-5vfa-7ndh-ubg5 Aliases: CVE-2013-2154	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9tws-us7w-yfhq Aliases: CVE-2011-2516	Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-f468-uhj2-2bdv Aliases: CVE-2013-2210	heap overflow	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jf41-fevz-rbcc Aliases: CVE-2013-2155	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x1wh-fjsq-4yak Aliases: CVE-2013-2153	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x9wc-g2hh-w7dc Aliases: CVE-2013-2156	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-yab9-4unt-nfbj Aliases: DSA-4265-1 xml-security-c	security update	1.7.3-4+deb9u3 Affected by 0 other vulnerabilities.
VCID-z7ht-bq8z-3qgd Aliases: CVE-2009-0217 GHSA-8hfm-837h-hjg5	XML signature HMAC truncation authentication bypass This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.	1.5.1-3+squeeze3 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:09:57.822500+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:12:40.905181+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:09:34.635903+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:47:34.484021+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:57:07.372249+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:35:15.415466+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:33:22.021141+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:27:17.128113+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T13:15:59.193758+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T13:14:16.397161+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T13:01:44.670173+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T12:54:59.391717+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T12:54:01.569108+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-12T00:41:50.691576+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:50:23.722480+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:49:30.682063+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:32:16.360543+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:43:46.971324+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:22:15.278744+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:20:24.318878+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:15:36.990155+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:04:43.330297+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T13:03:01.857544+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:51:05.433269+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:43:33.028377+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:42:34.368621+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-09T00:11:39.886972+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:27:56.998300+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:29:09.232536+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:17:24.771560+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:34:12.678024+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:14:03.964376+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:12:20.401627+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T22:49:24.449306+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T21:39:47.428786+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-07T21:38:02.024236+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T22:06:42.350239+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T21:53:31.127571+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T21:52:31.573664+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-02T12:59:43.581384+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.0.0
2026-04-02T12:58:43.096278+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.0.0