Search for packages
| purl | pkg:deb/debian/bzr@2.6.0%2Bbzr6595-6 |
| Next non-vulnerable version | 2.7.0+bzr6622-15 |
| Latest non-vulnerable version | 2.7.0+bzr6622-15 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-v7ad-3uep-aaar
Aliases: CVE-2017-14176 |
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-us5b-bv9a-aaaa | Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. |
CVE-2013-2099
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T16:49:12.338932+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:09:35.775779+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:53:46.737271+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:05:59.322095+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T00:54:24.613414+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | None | 36.1.3 |
| 2025-06-20T19:51:29.922345+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | None | 36.1.3 |
| 2025-06-08T13:12:32.763793+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:34:24.180609+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:04:25.894239+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:28:27.856305+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T03:55:09.174277+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:16:45.675027+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | None | 36.1.0 |
| 2025-06-07T13:42:54.135547+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | None | 36.1.0 |
| 2025-04-12T20:07:52.490760+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:00:20.990054+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:06:45.466984+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:36:25.472382+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:58:36.741099+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:23:01.216204+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T16:54:15.854551+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | None | 36.0.0 |
| 2025-04-07T12:18:12.576443+00:00 | Debian Oval Importer | Affected by | VCID-v7ad-3uep-aaar | None | 36.0.0 |
| 2024-12-11T08:23:13.733029+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T06:49:14.657737+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T04:51:48.950662+00:00 | Debian Oval Importer | Fixing | VCID-us5b-bv9a-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |