VulnerableCode Package Details - pkg:deb/debian/libextractor@1:1.3-4%2Bdeb9u3

Search for packages

Package details: pkg:deb/debian/libextractor@1:1.3-4%2Bdeb9u3

Essentials
History (18)

purl	pkg:deb/debian/libextractor@1:1.3-4%2Bdeb9u3

Next non-vulnerable version	1:1.11-2
Latest non-vulnerable version	1:1.11-2
Risk	4.0

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-1chk-qs6c-2bew Aliases: CVE-2017-15267		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3abv-g4x5-vbgx Aliases: CVE-2017-15922		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3d2m-7962-cqat Aliases: CVE-2018-16430	GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.	1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-7dbm-pyvk-4ubz Aliases: CVE-2018-14346	GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).	1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9red-ywyt-3bcw Aliases: CVE-2018-14347	GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).	1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-c56t-7kxq-nqft Aliases: CVE-2017-17440		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ka1y-814j-qbfq Aliases: CVE-2017-15600		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-nr4d-urfu-7fb8 Aliases: CVE-2017-15266		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-qt73-en1x-yfap Aliases: CVE-2018-20430	GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.	1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t4e8-u3n5-nyb6 Aliases: CVE-2018-20431	GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.	1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-u4mr-46db-rqcw Aliases: CVE-2017-15602		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v129-37hx-xyb5 Aliases: CVE-2019-15531	GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.	1:1.11-2 Affected by 0 other vulnerabilities.
VCID-xhuu-dwtj-mkfw Aliases: CVE-2017-15601		1:1.8-2+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (5)

Vulnerability	Summary	Aliases
VCID-3d2m-7962-cqat	GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.	CVE-2018-16430
VCID-7dbm-pyvk-4ubz	GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).	CVE-2018-14346
VCID-9red-ywyt-3bcw	GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).	CVE-2018-14347
VCID-qt73-en1x-yfap	GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.	CVE-2018-20430
VCID-t4e8-u3n5-nyb6	GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.	CVE-2018-20431

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:45:37.298922+00:00	Debian Oval Importer	Affected by	VCID-ka1y-814j-qbfq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:35:05.138707+00:00	Debian Oval Importer	Affected by	VCID-3d2m-7962-cqat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:53:28.450793+00:00	Debian Oval Importer	Affected by	VCID-u4mr-46db-rqcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:14:27.829650+00:00	Debian Oval Importer	Affected by	VCID-c56t-7kxq-nqft	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:56:55.550623+00:00	Debian Oval Importer	Affected by	VCID-qt73-en1x-yfap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:46:56.028613+00:00	Debian Oval Importer	Affected by	VCID-nr4d-urfu-7fb8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:45:52.492641+00:00	Debian Oval Importer	Affected by	VCID-9red-ywyt-3bcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:53:16.508957+00:00	Debian Oval Importer	Affected by	VCID-t4e8-u3n5-nyb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:24:37.503309+00:00	Debian Oval Importer	Affected by	VCID-7dbm-pyvk-4ubz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:50:58.300295+00:00	Debian Oval Importer	Affected by	VCID-3abv-g4x5-vbgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:42:29.354304+00:00	Debian Oval Importer	Affected by	VCID-v129-37hx-xyb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:55:59.278958+00:00	Debian Oval Importer	Affected by	VCID-xhuu-dwtj-mkfw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:33:38.102366+00:00	Debian Oval Importer	Affected by	VCID-1chk-qs6c-2bew	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:10:40.503551+00:00	Debian Oval Importer	Fixing	VCID-t4e8-u3n5-nyb6	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T11:01:15.134265+00:00	Debian Oval Importer	Fixing	VCID-qt73-en1x-yfap	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:55:40.729703+00:00	Debian Oval Importer	Fixing	VCID-7dbm-pyvk-4ubz	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:45:54.511873+00:00	Debian Oval Importer	Fixing	VCID-3d2m-7962-cqat	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:44:52.775925+00:00	Debian Oval Importer	Fixing	VCID-9red-ywyt-3bcw	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0