VulnerableCode Package Details - pkg:deb/debian/xml-security-c@1.2.1-3%2Betch1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/xml-security-c@1.2.1-3%2Betch1

Essentials
History (41)

purl	pkg:deb/debian/xml-security-c@1.2.1-3%2Betch1

Next non-vulnerable version	1.7.3-4+deb9u3
Latest non-vulnerable version	1.7.3-4+deb9u3
Risk	3.1

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-5vfa-7ndh-ubg5 Aliases: CVE-2013-2154	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9tws-us7w-yfhq Aliases: CVE-2011-2516	Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-f468-uhj2-2bdv Aliases: CVE-2013-2210	heap overflow	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jf41-fevz-rbcc Aliases: CVE-2013-2155	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x1wh-fjsq-4yak Aliases: CVE-2013-2153	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x9wc-g2hh-w7dc Aliases: CVE-2013-2156	several	1.6.1-5+deb7u2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.7.2-2~bpo70+1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-yab9-4unt-nfbj Aliases: DSA-4265-1 xml-security-c	security update	1.7.3-4+deb9u3 Affected by 0 other vulnerabilities.
VCID-z7ht-bq8z-3qgd Aliases: CVE-2009-0217 GHSA-8hfm-837h-hjg5	XML signature HMAC truncation authentication bypass This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.	1.5.1-3+squeeze3 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T01:09:57.826122+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:12:40.908983+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:09:34.639518+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:47:34.488121+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:57:07.375926+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:35:15.419083+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:33:22.025050+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:27:17.131462+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T13:15:59.197212+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T13:14:16.400543+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T13:01:44.673719+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T12:54:59.395025+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-15T12:54:01.572404+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.4.0
2026-04-12T00:41:50.695723+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:50:23.726511+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:49:30.686102+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:32:16.362571+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:43:46.977208+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:22:15.282718+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:20:24.323083+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:15:36.995102+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:04:43.334442+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T13:03:01.861345+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:51:05.437717+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:43:33.032245+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-11T12:42:34.372168+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.3.0
2026-04-09T00:11:39.891062+00:00	Debian Oval Importer	Affected by	VCID-z7ht-bq8z-3qgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:27:57.002340+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:29:09.239903+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:17:24.784117+00:00	Debian Oval Importer	Affected by	VCID-9tws-us7w-yfhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:34:12.682284+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:14:03.968293+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:12:20.405746+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T22:49:24.454182+00:00	Debian Oval Importer	Affected by	VCID-yab9-4unt-nfbj	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T21:39:47.432984+00:00	Debian Oval Importer	Affected by	VCID-jf41-fevz-rbcc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-07T21:38:02.028526+00:00	Debian Oval Importer	Affected by	VCID-x9wc-g2hh-w7dc	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T22:06:42.354257+00:00	Debian Oval Importer	Affected by	VCID-x1wh-fjsq-4yak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T21:53:31.131608+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-03T21:52:31.577394+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.1.0
2026-04-02T12:59:43.585798+00:00	Debian Oval Importer	Affected by	VCID-f468-uhj2-2bdv	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.0.0
2026-04-02T12:58:43.101748+00:00	Debian Oval Importer	Affected by	VCID-5vfa-7ndh-ubg5	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.0.0