VulnerableCode Package Details - pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u3

Search for packages

Package details: pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u3

Essentials
History (3)

purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u3
Tags	Ghost

Next non-vulnerable version	1.20.1-2+deb12u4
Latest non-vulnerable version	1.20.1-2+deb12u4
Risk	2.6

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-htwj-z8xz-puh7 Aliases: CVE-2025-3576	A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.	1.20.1-2+deb12u4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T13:52:51.531207+00:00	Debian Oval Importer	Fixing	VCID-htwj-z8xz-puh7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:49:48.367557+00:00	Debian Importer	Affected by	VCID-htwj-z8xz-puh7	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-01T12:32:17.113689+00:00	Debian Oval Importer	Fixing	VCID-9m1b-dbbz-27dq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0