VulnerableCode Package Details - pkg:deb/debian/xz-utils@5.2.2-1.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/xz-utils@5.2.2-1.2

purl	pkg:deb/debian/xz-utils@5.2.2-1.2

Next non-vulnerable version	5.8.3-1
Latest non-vulnerable version	5.8.3-1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-3adf-qttu-3kfd Aliases: CVE-2022-1271	A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files.	5.2.4-1+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 5.2.5-2.1~deb11u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-3adf-qttu-3kfd
Aliases:
CVE-2022-1271

A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files.

5.2.4-1+deb10u1
Affected by 1 other vulnerability.

5.2.5-2.1~deb11u1
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T15:23:30.094256+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:08:14.520867+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-11T15:11:42.754715+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:56:32.050687+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-08T15:06:43.231644+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:28:41.833099+00:00	Debian Oval Importer	Affected by	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0