Search for packages
| purl | pkg:deb/debian/dpkg@1.18.24 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-rjwj-2cvk-m3hp
Aliases: CVE-2022-1664 |
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-wh1d-qny9-syg2 |
CVE-2015-0860
|
|
| VCID-xn6d-c87e-hyfb |
CVE-2017-8283
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T19:33:51.589797+00:00 | Debian Oval Importer | Affected by | VCID-rjwj-2cvk-m3hp | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T17:39:21.972117+00:00 | Debian Oval Importer | Fixing | VCID-wh1d-qny9-syg2 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T16:30:27.730833+00:00 | Debian Oval Importer | Fixing | VCID-xn6d-c87e-hyfb | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T11:30:57.921031+00:00 | Debian Oval Importer | Affected by | VCID-rjwj-2cvk-m3hp | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 37.0.0 |