Search for packages
Package details: pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1
purl pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1
Next non-vulnerable version 20.10.25+dfsg1-2
Latest non-vulnerable version 20.10.25+dfsg1-2
Risk 4.5
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-98m9-ft46-aaah
Aliases:
CVE-2021-41089
GHSA-v994-f8vw-g7j4
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted.
20.10.5+dfsg1-1+deb11u2
Affected by 10 other vulnerabilities.
VCID-fckq-6rf5-aaaf
Aliases:
CVE-2021-41092
GHSA-99pg-grm5-qq3v
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.
20.10.5+dfsg1-1+deb11u2
Affected by 10 other vulnerabilities.
VCID-qgrb-pu21-aaab
Aliases:
CVE-2021-41091
GHSA-3fwx-pjgw-3558
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers.
20.10.5+dfsg1-1+deb11u2
Affected by 10 other vulnerabilities.
VCID-vr1j-tz9g-aaae
Aliases:
CVE-2024-41110
GHSA-v23v-6jw2-98fq
Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. Using a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it. A security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted. Docker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable. docker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.03, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege.
20.10.23+dfsg1-1
Affected by 3 other vulnerabilities.
20.10.24+dfsg1-1+deb12u1
Affected by 5 other vulnerabilities.
20.10.25+dfsg1-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (15)
Vulnerability Summary Aliases
VCID-3aaq-ny82-aaag Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. This bug is fixed in Moby (Docker Engine) 20.10.18. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade, this problem can be worked around by not using the `"USER $USERNAME"` Dockerfile instruction. Instead by calling `ENTRYPOINT ["su", "-", "user"]` the supplementary groups will be set up properly. CVE-2022-36109
GHSA-rc4r-wh2q-q6c4
VCID-98m9-ft46-aaah Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted. CVE-2021-41089
GHSA-v994-f8vw-g7j4
VCID-9pkn-8q71-aaaa In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. CVE-2019-14271
GHSA-v2cv-wwxq-qq97
VCID-cvtk-d332-aaaf In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. CVE-2021-21285
GHSA-6fj5-m822-rqx8
VCID-fckq-6rf5-aaaf Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH. CVE-2021-41092
GHSA-99pg-grm5-qq3v
VCID-h7tv-gsrm-aaab Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker*. Swarm Mode, which is compiled in and delivered by default in `dockerd` and is thus present in most major Moby downstreams, is a simple, built-in container orchestrator that is implemented through a combination of SwarmKit and supporting network code. The `overlay` network driver is a core feature of Swarm Mode, providing isolated virtual LANs that allow communication between containers and services across the cluster. This driver is an implementation/user of VXLAN, which encapsulates link-layer (Ethernet) frames in UDP datagrams that tag the frame with the VXLAN metadata, including a VXLAN Network ID (VNI) that identifies the originating overlay network. In addition, the overlay network driver supports an optional, off-by-default encrypted mode, which is especially useful when VXLAN packets traverses an untrusted network between nodes. Encrypted overlay networks function by encapsulating the VXLAN datagrams through the use of the IPsec Encapsulating Security Payload protocol in Transport mode. By deploying IPSec encapsulation, encrypted overlay networks gain the additional properties of source authentication through cryptographic proof, data integrity through check-summing, and confidentiality through encryption. When setting an endpoint up on an encrypted overlay network, Moby installs three iptables (Linux kernel firewall) rules that enforce both incoming and outgoing IPSec. These rules rely on the `u32` iptables extension provided by the `xt_u32` kernel module to directly filter on a VXLAN packet's VNI field, so that IPSec guarantees can be enforced on encrypted overlay networks without interfering with other overlay networks or other users of VXLAN. The `overlay` driver dynamically and lazily defines the kernel configuration for the VXLAN network on each node as containers are attached and detached. Routes and encryption parameters are only defined for destination nodes that participate in the network. The iptables rules that prevent encrypted overlay networks from accepting unencrypted packets are not created until a peer is available with which to communicate. Encrypted overlay networks silently accept cleartext VXLAN datagrams that are tagged with the VNI of an encrypted overlay network. As a result, it is possible to inject arbitrary Ethernet frames into the encrypted overlay network by encapsulating them in VXLAN datagrams. The implications of this can be quite dire, and GHSA-vwm3-crmr-xfxw should be referenced for a deeper exploration. Patches are available in Moby releases 23.0.3, and 20.10.24. As Mirantis Container Runtime's 20.10 releases are numbered differently, users of that platform should update to 20.10.16. Some workarounds are available. In multi-node clusters, deploy a global ‘pause’ container for each encrypted overlay network, on every node. For a single-node cluster, do not use overlay networks of any sort. Bridge networks provide the same connectivity on a single node and have no multi-node features. The Swarm ingress feature is implemented using an overlay network, but can be disabled by publishing ports in `host` mode instead of `ingress` mode (allowing the use of an external load balancer), and removing the `ingress` network. If encrypted overlay networks are in exclusive use, block UDP port 4789 from traffic that has not been validated by IPSec. CVE-2023-28842
GHSA-6wrf-mxfj-pf5p
VCID-jnm2-7vwf-aaaj Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker*. Swarm Mode, which is compiled in and delivered by default in `dockerd` and is thus present in most major Moby downstreams, is a simple, built-in container orchestrator that is implemented through a combination of SwarmKit and supporting network code. The `overlay` network driver is a core feature of Swarm Mode, providing isolated virtual LANs that allow communication between containers and services across the cluster. This driver is an implementation/user of VXLAN, which encapsulates link-layer (Ethernet) frames in UDP datagrams that tag the frame with the VXLAN metadata, including a VXLAN Network ID (VNI) that identifies the originating overlay network. In addition, the overlay network driver supports an optional, off-by-default encrypted mode, which is especially useful when VXLAN packets traverses an untrusted network between nodes. Encrypted overlay networks function by encapsulating the VXLAN datagrams through the use of the IPsec Encapsulating Security Payload protocol in Transport mode. By deploying IPSec encapsulation, encrypted overlay networks gain the additional properties of source authentication through cryptographic proof, data integrity through check-summing, and confidentiality through encryption. When setting an endpoint up on an encrypted overlay network, Moby installs three iptables (Linux kernel firewall) rules that enforce both incoming and outgoing IPSec. These rules rely on the `u32` iptables extension provided by the `xt_u32` kernel module to directly filter on a VXLAN packet's VNI field, so that IPSec guarantees can be enforced on encrypted overlay networks without interfering with other overlay networks or other users of VXLAN. An iptables rule designates outgoing VXLAN datagrams with a VNI that corresponds to an encrypted overlay network for IPsec encapsulation. Encrypted overlay networks on affected platforms silently transmit unencrypted data. As a result, `overlay` networks may appear to be functional, passing traffic as expected, but without any of the expected confidentiality or data integrity guarantees. It is possible for an attacker sitting in a trusted position on the network to read all of the application traffic that is moving across the overlay network, resulting in unexpected secrets or user data disclosure. Thus, because many database protocols, internal APIs, etc. are not protected by a second layer of encryption, a user may use Swarm encrypted overlay networks to provide confidentiality, which due to this vulnerability this is no longer guaranteed. Patches are available in Moby releases 23.0.3, and 20.10.24. As Mirantis Container Runtime's 20.10 releases are numbered differently, users of that platform should update to 20.10.16. Some workarounds are available. Close the VXLAN port (by default, UDP port 4789) to outgoing traffic at the Internet boundary in order to prevent unintentionally leaking unencrypted traffic over the Internet, and/or ensure that the `xt_u32` kernel module is available on all nodes of the Swarm cluster. CVE-2023-28841
GHSA-33pg-m6jh-5237
VCID-kan2-3fe2-aaan In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user's username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account. The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it. This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected. If you are using containerd 1.3 or later, you are not affected. If you are using cri-containerd in the 1.2 series or prior, you should ensure you only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected. CVE-2020-15157
GHSA-742w-89gc-8m9c
VCID-qgrb-pu21-aaab Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers. CVE-2021-41091
GHSA-3fwx-pjgw-3558
VCID-r9sc-d8bp-aaak In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. CVE-2019-13509
GHSA-j249-ghv5-7mxv
VCID-th43-scy8-aaab In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/<remapping>" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user. CVE-2021-21284
GHSA-7452-xqpj-6rpc
VCID-vnpd-ha1h-aaab Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as *Docker*. Swarm Mode, which is compiled in and delivered by default in dockerd and is thus present in most major Moby downstreams, is a simple, built-in container orchestrator that is implemented through a combination of SwarmKit and supporting network code. The overlay network driver is a core feature of Swarm Mode, providing isolated virtual LANs that allow communication between containers and services across the cluster. This driver is an implementation/user of VXLAN, which encapsulates link-layer (Ethernet) frames in UDP datagrams that tag the frame with a VXLAN Network ID (VNI) that identifies the originating overlay network. In addition, the overlay network driver supports an optional, off-by-default encrypted mode, which is especially useful when VXLAN packets traverses an untrusted network between nodes. Encrypted overlay networks function by encapsulating the VXLAN datagrams through the use of the IPsec Encapsulating Security Payload protocol in Transport mode. By deploying IPSec encapsulation, encrypted overlay networks gain the additional properties of source authentication through cryptographic proof, data integrity through check-summing, and confidentiality through encryption. When setting an endpoint up on an encrypted overlay network, Moby installs three iptables (Linux kernel firewall) rules that enforce both incoming and outgoing IPSec. These rules rely on the u32 iptables extension provided by the xt_u32 kernel module to directly filter on a VXLAN packet's VNI field, so that IPSec guarantees can be enforced on encrypted overlay networks without interfering with other overlay networks or other users of VXLAN. Two iptables rules serve to filter incoming VXLAN datagrams with a VNI that corresponds to an encrypted network and discards unencrypted datagrams. The rules are appended to the end of the INPUT filter chain, following any rules that have been previously set by the system administrator. Administrator-set rules take precedence over the rules Moby sets to discard unencrypted VXLAN datagrams, which can potentially admit unencrypted datagrams that should have been discarded. The injection of arbitrary Ethernet frames can enable a Denial of Service attack. A sophisticated attacker may be able to establish a UDP or TCP connection by way of the container’s outbound gateway that would otherwise be blocked by a stateful firewall, or carry out other escalations beyond simple injection by smuggling packets into the overlay network. Patches are available in Moby releases 23.0.3 and 20.10.24. As Mirantis Container Runtime's 20.10 releases are numbered differently, users of that platform should update to 20.10.16. Some workarounds are available. Close the VXLAN port (by default, UDP port 4789) to incoming traffic at the Internet boundary to prevent all VXLAN packet injection, and/or ensure that the `xt_u32` kernel module is available on all nodes of the Swarm cluster. CVE-2023-28840
GHSA-232p-vwff-86mp
VCID-wgvq-269b-aaaq An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. CVE-2020-13401
GHSA-qrrc-ww9x-r43g
VCID-y9hs-1kk2-aaam containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the "host" network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container. CVE-2020-15257
GHSA-36xw-fx78-c5r4
VCID-ydxd-x5uj-aaab In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git clone" command, leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag. CVE-2019-13139

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T17:20:38.399443+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T18:12:13.742016+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T13:28:44.110879+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T09:35:39.107027+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T09:07:54.162733+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T08:03:44.273268+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T06:28:33.611003+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T05:44:07.763144+00:00 Debian Oval Importer Fixing VCID-cvtk-d332-aaaf None 36.1.3
2025-06-21T05:41:54.038424+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 36.1.3
2025-06-21T05:15:08.477521+00:00 Debian Oval Importer Affected by VCID-qgrb-pu21-aaab None 36.1.3
2025-06-21T05:07:22.729363+00:00 Debian Oval Importer Fixing VCID-r9sc-d8bp-aaak None 36.1.3
2025-06-21T04:24:58.169261+00:00 Debian Oval Importer Fixing VCID-kan2-3fe2-aaan None 36.1.3
2025-06-21T04:20:24.773674+00:00 Debian Oval Importer Fixing VCID-th43-scy8-aaab None 36.1.3
2025-06-21T03:58:46.928068+00:00 Debian Oval Importer Fixing VCID-9pkn-8q71-aaaa None 36.1.3
2025-06-21T03:26:55.579084+00:00 Debian Oval Importer Fixing VCID-wgvq-269b-aaaq None 36.1.3
2025-06-21T03:24:22.366016+00:00 Debian Oval Importer Affected by VCID-98m9-ft46-aaah None 36.1.3
2025-06-21T03:21:13.946961+00:00 Debian Oval Importer Fixing VCID-y9hs-1kk2-aaam None 36.1.3
2025-06-21T02:55:15.176342+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 36.1.3
2025-06-21T01:58:05.327178+00:00 Debian Oval Importer Fixing VCID-ydxd-x5uj-aaab None 36.1.3
2025-06-21T01:47:31.685144+00:00 Debian Oval Importer Affected by VCID-fckq-6rf5-aaaf None 36.1.3
2025-06-20T22:07:48.041272+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 36.1.3
2025-06-20T21:43:46.989077+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 36.1.3
2025-06-20T21:43:04.636082+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 36.1.3
2025-06-20T19:56:25.233365+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 36.1.3
2025-06-20T19:50:45.299114+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 36.1.3
2025-06-08T13:10:57.312638+00:00 Debian Oval Importer Affected by VCID-fckq-6rf5-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:15:49.769274+00:00 Debian Oval Importer Fixing VCID-wgvq-269b-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:13:06.895801+00:00 Debian Oval Importer Fixing VCID-y9hs-1kk2-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:04:32.572829+00:00 Debian Oval Importer Fixing VCID-kan2-3fe2-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:04:10.445012+00:00 Debian Oval Importer Affected by VCID-98m9-ft46-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:53:58.463112+00:00 Debian Oval Importer Fixing VCID-ydxd-x5uj-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-07T23:22:24.609682+00:00 Debian Oval Importer Fixing VCID-cvtk-d332-aaaf None 36.1.0
2025-06-07T22:52:39.395057+00:00 Debian Oval Importer Affected by VCID-qgrb-pu21-aaab None 36.1.0
2025-06-07T22:44:49.997946+00:00 Debian Oval Importer Fixing VCID-r9sc-d8bp-aaak None 36.1.0
2025-06-07T22:01:13.589574+00:00 Debian Oval Importer Fixing VCID-kan2-3fe2-aaan None 36.1.0
2025-06-07T21:56:31.638547+00:00 Debian Oval Importer Fixing VCID-th43-scy8-aaab None 36.1.0
2025-06-07T21:34:03.761634+00:00 Debian Oval Importer Fixing VCID-9pkn-8q71-aaaa None 36.1.0
2025-06-07T21:00:17.538353+00:00 Debian Oval Importer Fixing VCID-wgvq-269b-aaaq None 36.1.0
2025-06-07T20:57:36.839905+00:00 Debian Oval Importer Affected by VCID-98m9-ft46-aaah None 36.1.0
2025-06-07T20:54:15.941714+00:00 Debian Oval Importer Fixing VCID-y9hs-1kk2-aaam None 36.1.0
2025-06-07T19:21:30.911044+00:00 Debian Oval Importer Fixing VCID-ydxd-x5uj-aaab None 36.1.0
2025-06-07T19:10:49.153221+00:00 Debian Oval Importer Affected by VCID-fckq-6rf5-aaaf None 36.1.0
2025-06-05T14:02:06.221155+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 36.1.0
2025-06-05T13:57:38.668423+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 36.1.0
2025-04-13T02:11:37.115158+00:00 Debian Oval Importer Affected by VCID-vr1j-tz9g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:02:26.300493+00:00 Debian Oval Importer Fixing VCID-th43-scy8-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:59:51.232674+00:00 Debian Oval Importer Affected by VCID-qgrb-pu21-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:54:22.402246+00:00 Debian Oval Importer Fixing VCID-r9sc-d8bp-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:44:21.766099+00:00 Debian Oval Importer Fixing VCID-cvtk-d332-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:16:38.373528+00:00 Debian Oval Importer Fixing VCID-9pkn-8q71-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:58:40.797658+00:00 Debian Oval Importer Affected by VCID-fckq-6rf5-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:01:35.164263+00:00 Debian Oval Importer Fixing VCID-wgvq-269b-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:58:47.645496+00:00 Debian Oval Importer Fixing VCID-y9hs-1kk2-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:49:57.803252+00:00 Debian Oval Importer Fixing VCID-kan2-3fe2-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:49:35.010553+00:00 Debian Oval Importer Affected by VCID-98m9-ft46-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:39:04.795615+00:00 Debian Oval Importer Fixing VCID-ydxd-x5uj-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-07T21:54:24.006678+00:00 Debian Oval Importer Fixing VCID-cvtk-d332-aaaf None 36.0.0
2025-04-07T21:24:38.254881+00:00 Debian Oval Importer Affected by VCID-qgrb-pu21-aaab None 36.0.0
2025-04-07T21:16:39.980265+00:00 Debian Oval Importer Fixing VCID-r9sc-d8bp-aaak None 36.0.0
2025-04-07T20:32:07.726698+00:00 Debian Oval Importer Fixing VCID-kan2-3fe2-aaan None 36.0.0
2025-04-07T20:27:06.254388+00:00 Debian Oval Importer Fixing VCID-th43-scy8-aaab None 36.0.0
2025-04-07T20:03:21.627258+00:00 Debian Oval Importer Fixing VCID-9pkn-8q71-aaaa None 36.0.0
2025-04-07T19:30:42.345786+00:00 Debian Oval Importer Fixing VCID-wgvq-269b-aaaq None 36.0.0
2025-04-07T19:28:04.923854+00:00 Debian Oval Importer Affected by VCID-98m9-ft46-aaah None 36.0.0
2025-04-07T19:24:51.541642+00:00 Debian Oval Importer Fixing VCID-y9hs-1kk2-aaam None 36.0.0
2025-04-07T17:59:20.182044+00:00 Debian Oval Importer Fixing VCID-ydxd-x5uj-aaab None 36.0.0
2025-04-07T17:48:39.399484+00:00 Debian Oval Importer Affected by VCID-fckq-6rf5-aaaf None 36.0.0
2025-04-06T10:03:16.142617+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T14:21:00.629270+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T10:01:27.892929+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T06:52:46.168575+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T06:24:11.189617+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T05:20:18.124840+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T03:43:40.520035+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T02:56:27.051216+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 36.0.0
2025-04-04T05:42:14.813627+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 36.0.0
2025-04-04T00:46:08.643941+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 36.0.0
2025-04-04T00:21:12.441239+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 36.0.0
2025-04-04T00:20:30.156587+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 36.0.0
2025-04-03T23:01:05.252400+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 36.0.0
2025-04-03T22:56:30.238656+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 36.0.0
2025-02-21T10:36:02.487877+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T10:36:01.811718+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 35.1.0
2025-02-21T10:35:53.014703+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T10:35:48.910298+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 35.1.0
2025-02-21T10:35:38.077385+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T10:35:37.398783+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 35.1.0
2025-02-21T00:42:47.404825+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T00:42:45.856244+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 35.1.0
2025-02-20T06:33:14.337138+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T06:33:12.863135+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 35.1.0
2025-02-20T06:33:06.689168+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T06:32:58.991553+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 35.1.0
2025-02-20T06:32:49.298257+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T06:32:44.800654+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 35.1.0
2024-11-24T00:10:21.975093+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-24T00:10:21.264926+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 35.0.0
2024-11-24T00:10:12.363233+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-24T00:10:08.287062+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 35.0.0
2024-11-24T00:09:57.396420+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-24T00:09:56.708120+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 35.0.0
2024-11-23T00:19:58.264337+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-23T00:19:50.562905+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 35.0.0
2024-11-23T00:19:40.876733+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-23T00:19:36.680921+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 35.0.0
2024-10-10T21:48:06.822651+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-10T21:48:06.138518+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 34.0.2
2024-10-10T21:47:59.076666+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-10T21:47:55.455587+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 34.0.2
2024-10-10T21:47:45.560601+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-10T21:47:44.852271+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 34.0.2
2024-10-09T22:48:11.905501+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-09T22:48:03.704036+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 34.0.2
2024-10-09T22:47:53.841463+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-09T22:47:49.430940+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 34.0.2
2024-09-20T02:43:00.909406+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-20T02:43:00.207914+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 34.0.1
2024-09-20T02:42:53.402825+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-20T02:42:50.032000+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 34.0.1
2024-09-20T02:42:40.607320+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-20T02:42:39.890941+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 34.0.1
2024-09-19T06:42:18.257311+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-19T06:42:10.839884+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 34.0.1
2024-09-19T06:42:01.304691+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-19T06:41:56.612272+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 34.0.1
2024-04-26T02:42:44.290535+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T02:42:38.736023+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 34.0.0rc4
2024-04-26T02:42:37.902534+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T02:42:32.272089+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 34.0.0rc4
2024-04-26T02:42:31.486512+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T02:42:25.929399+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 34.0.0rc4
2024-04-25T18:44:16.468994+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T18:44:11.789287+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 34.0.0rc4
2024-04-25T04:59:31.919154+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T04:59:30.324988+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 34.0.0rc4
2024-04-25T04:59:24.731602+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T04:59:15.821820+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 34.0.0rc4
2024-04-25T04:59:06.443855+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T04:59:01.681361+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 34.0.0rc4
2024-01-12T12:45:18.300511+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-12T12:45:11.673506+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 34.0.0rc2
2024-01-12T12:45:10.608807+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-12T12:45:03.921080+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 34.0.0rc2
2024-01-12T12:45:03.092383+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-12T12:44:57.096633+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 34.0.0rc2
2024-01-11T22:42:06.695036+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T22:42:01.275430+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 34.0.0rc2
2024-01-11T06:33:08.512029+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T06:33:02.705754+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 34.0.0rc2
2024-01-11T06:32:36.758043+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T06:32:15.059432+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 34.0.0rc2
2024-01-11T06:31:48.746826+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T06:31:26.013724+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 34.0.0rc2
2024-01-05T08:28:43.497186+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T08:28:37.851897+00:00 Debian Importer Fixing VCID-h7tv-gsrm-aaab None 34.0.0rc1
2024-01-05T08:28:37.022516+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T08:28:31.497923+00:00 Debian Importer Fixing VCID-jnm2-7vwf-aaaj None 34.0.0rc1
2024-01-05T08:28:30.608786+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T08:28:24.939195+00:00 Debian Importer Fixing VCID-vnpd-ha1h-aaab None 34.0.0rc1
2024-01-05T04:05:33.816281+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T04:05:28.414727+00:00 Debian Importer Fixing VCID-3aaq-ny82-aaag None 34.0.0rc1
2024-01-04T17:34:58.805498+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T17:34:57.124064+00:00 Debian Importer Fixing VCID-fckq-6rf5-aaaf None 34.0.0rc1
2024-01-04T17:34:51.668867+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T17:34:43.063880+00:00 Debian Importer Fixing VCID-qgrb-pu21-aaab None 34.0.0rc1
2024-01-04T17:34:33.538135+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T17:34:28.977474+00:00 Debian Importer Fixing VCID-98m9-ft46-aaah None 34.0.0rc1