Search for packages
| purl | pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u2 |
| Tags | Ghost |
| Next non-vulnerable version | 1.20.1-2+deb12u4 |
| Latest non-vulnerable version | 1.21.3-5 |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7r8c-ac4p-5kfz
Aliases: CVE-2025-3576 |
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-c74d-mzay-2kb7
Aliases: CVE-2025-24528 |
krb5: overflow when calculating ulog block size |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-pw3u-8xza-aaaq
Aliases: CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-05-02T00:45:44.709986+00:00 | Debian Importer | Affected by | VCID-7r8c-ac4p-5kfz | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-13T02:53:31.884705+00:00 | Debian Oval Importer | Fixing | VCID-c74d-mzay-2kb7 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-05T17:49:54.095430+00:00 | Debian Importer | Affected by | VCID-pw3u-8xza-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T06:16:35.809681+00:00 | Debian Importer | Affected by | VCID-c74d-mzay-2kb7 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-02-21T19:00:07.618582+00:00 | Debian Importer | Affected by | VCID-pw3u-8xza-aaaq | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2024-11-24T07:16:52.122382+00:00 | Debian Importer | Affected by | VCID-pw3u-8xza-aaaq | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-10-11T03:56:18.322935+00:00 | Debian Importer | Affected by | VCID-pw3u-8xza-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-09-25T18:20:12.574196+00:00 | Debian Importer | Affected by | VCID-pw3u-8xza-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |