Search for packages
| purl | pkg:deb/debian/xmlsec1@1.3.10-2?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-12cg-us37-xbh8 | This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. |
CVE-2011-1425
|
| VCID-k6xx-j2uv-67a9 | xmlsec1: xmlsec vulnerable to external entity expansion |
CVE-2017-1000061
|
| VCID-xzye-g5rw-fyh5 | Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
CVE-2009-3736
|
| VCID-z7ht-bq8z-3qgd | XML signature HMAC truncation authentication bypass This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. |
CVE-2009-0217
GHSA-8hfm-837h-hjg5 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-17T22:47:21.166606+00:00 | Debian Importer | Fixing | VCID-k6xx-j2uv-67a9 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-17T22:47:21.123904+00:00 | Debian Importer | Fixing | VCID-12cg-us37-xbh8 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-17T22:47:21.071121+00:00 | Debian Importer | Fixing | VCID-xzye-g5rw-fyh5 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-17T22:47:21.021173+00:00 | Debian Importer | Fixing | VCID-z7ht-bq8z-3qgd | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |