VulnerableCode Package Details - pkg:deb/debian/libextractor@1:0.5.23%2Bdfsg-7

Search for packages

Package details: pkg:deb/debian/libextractor@1:0.5.23%2Bdfsg-7

Essentials
History (19)

purl	pkg:deb/debian/libextractor@1:0.5.23%2Bdfsg-7

Next non-vulnerable version	1:1.11-2
Latest non-vulnerable version	1:1.11-2
Risk	4.0

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-1chk-qs6c-2bew Aliases: CVE-2017-15267		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3abv-g4x5-vbgx Aliases: CVE-2017-15922		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3d2m-7962-cqat Aliases: CVE-2018-16430	GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.	1:1.3-4+deb9u3 Affected by 13 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-7dbm-pyvk-4ubz Aliases: CVE-2018-14346	GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).	1:1.3-4+deb9u3 Affected by 13 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9red-ywyt-3bcw Aliases: CVE-2018-14347	GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).	1:1.3-4+deb9u3 Affected by 13 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-c56t-7kxq-nqft Aliases: CVE-2017-17440		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ka1y-814j-qbfq Aliases: CVE-2017-15600		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-nr4d-urfu-7fb8 Aliases: CVE-2017-15266		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-qt73-en1x-yfap Aliases: CVE-2018-20430	GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.	1:1.3-4+deb9u3 Affected by 13 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t4e8-u3n5-nyb6 Aliases: CVE-2018-20431	GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.	1:1.3-4+deb9u3 Affected by 13 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-u4mr-46db-rqcw Aliases: CVE-2017-15602		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v129-37hx-xyb5 Aliases: CVE-2019-15531	GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.	1:1.11-2 Affected by 0 other vulnerabilities.
VCID-xhuu-dwtj-mkfw Aliases: CVE-2017-15601		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-addv-ycrj-s7fj	libtool: libltdl may load and execute code from a library in the current directory	CVE-2009-3736

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:45:37.279104+00:00	Debian Oval Importer	Affected by	VCID-ka1y-814j-qbfq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:35:05.120669+00:00	Debian Oval Importer	Affected by	VCID-3d2m-7962-cqat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:53:28.431043+00:00	Debian Oval Importer	Affected by	VCID-u4mr-46db-rqcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:30:17.255695+00:00	Debian Oval Importer	Fixing	VCID-addv-ycrj-s7fj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:14:27.811636+00:00	Debian Oval Importer	Affected by	VCID-c56t-7kxq-nqft	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:56:55.533829+00:00	Debian Oval Importer	Affected by	VCID-qt73-en1x-yfap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:46:56.008745+00:00	Debian Oval Importer	Affected by	VCID-nr4d-urfu-7fb8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:45:52.476089+00:00	Debian Oval Importer	Affected by	VCID-9red-ywyt-3bcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:53:16.491840+00:00	Debian Oval Importer	Affected by	VCID-t4e8-u3n5-nyb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:24:37.486528+00:00	Debian Oval Importer	Affected by	VCID-7dbm-pyvk-4ubz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:50:58.278813+00:00	Debian Oval Importer	Affected by	VCID-3abv-g4x5-vbgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:42:29.335495+00:00	Debian Oval Importer	Affected by	VCID-v129-37hx-xyb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:55:59.260239+00:00	Debian Oval Importer	Affected by	VCID-xhuu-dwtj-mkfw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:33:38.083576+00:00	Debian Oval Importer	Affected by	VCID-1chk-qs6c-2bew	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:10:40.484265+00:00	Debian Oval Importer	Affected by	VCID-t4e8-u3n5-nyb6	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T11:01:15.115562+00:00	Debian Oval Importer	Affected by	VCID-qt73-en1x-yfap	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:55:40.709829+00:00	Debian Oval Importer	Affected by	VCID-7dbm-pyvk-4ubz	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:45:54.491997+00:00	Debian Oval Importer	Affected by	VCID-3d2m-7962-cqat	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:44:52.748876+00:00	Debian Oval Importer	Affected by	VCID-9red-ywyt-3bcw	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0