Search for packages
| purl | pkg:deb/debian/newlib@3.3.0-1.3%2Bdeb12u1 |
| Next non-vulnerable version | 4.4.0.20231231-4 |
| Latest non-vulnerable version | 4.4.0.20231231-4 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-cztw-ay3e-cfeq
Aliases: CVE-2024-30949 |
newlib: arbitrary code execution via the time unit scaling in the _gettimeofday function |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-pw8g-an3z-jydv | A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow. |
CVE-2021-3420
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:47:39.630584+00:00 | Debian Importer | Fixing | VCID-pw8g-an3z-jydv | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:08:12.916166+00:00 | Debian Importer | Affected by | VCID-cztw-ay3e-cfeq | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:02:40.510083+00:00 | Debian Importer | Fixing | VCID-pw8g-an3z-jydv | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:48:28.976303+00:00 | Debian Importer | Affected by | VCID-cztw-ay3e-cfeq | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-08T19:21:27.644713+00:00 | Debian Importer | Fixing | VCID-pw8g-an3z-jydv | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-08T18:31:40.833330+00:00 | Debian Importer | Affected by | VCID-cztw-ay3e-cfeq | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |