Search for packages
| purl | pkg:deb/debian/cabextract@1.6-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-324x-qevr-aaaq | cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. |
CVE-2015-2060
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T13:05:44.737013+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-20T21:49:33.358452+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | None | 36.1.3 |
| 2025-06-08T06:00:36.809186+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T15:12:41.034651+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | None | 36.1.0 |
| 2025-04-12T20:05:03.550694+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T04:32:32.798935+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T13:44:23.230232+00:00 | Debian Oval Importer | Fixing | VCID-324x-qevr-aaaq | None | 36.0.0 |