VulnerableCode Package Details - pkg:deb/debian/xz-utils@5.2.5-2.1~deb11u1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/xz-utils@5.2.5-2.1~deb11u1

purl	pkg:deb/debian/xz-utils@5.2.5-2.1~deb11u1

Next non-vulnerable version	5.8.3-1
Latest non-vulnerable version	5.8.3-1
Risk	2.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-d4bu-exey-kqf8 Aliases: CVE-2026-34743		5.8.2-2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 5.8.3-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-d4bu-exey-kqf8
Aliases:
CVE-2026-34743

5.8.2-2
Affected by 1 other vulnerability.

5.8.3-1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-3adf-qttu-3kfd	A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files.	CVE-2022-1271

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:04:35.228479+00:00	Debian Importer	Affected by	VCID-d4bu-exey-kqf8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-15T15:23:30.108035+00:00	Debian Oval Importer	Fixing	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T18:04:58.615538+00:00	Debian Importer	Affected by	VCID-d4bu-exey-kqf8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T15:11:42.769286+00:00	Debian Oval Importer	Fixing	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T17:57:54.627587+00:00	Debian Importer	Affected by	VCID-d4bu-exey-kqf8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T15:06:43.263179+00:00	Debian Oval Importer	Fixing	VCID-3adf-qttu-3kfd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0