Search for packages
| purl | pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u2 |
| Next non-vulnerable version | 20.19.2+dfsg-1 |
| Latest non-vulnerable version | 20.19.2+dfsg-1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-23tg-44pz-cbcb
Aliases: CVE-2025-23085 |
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-2sh1-yqq9-aaah
Aliases: CVE-2024-27983 |
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-6m5m-4t1s-s3da
Aliases: CVE-2025-23166 |
The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary to remotely crash a Node.js runtime. |
Affected by 0 other vulnerabilities. |
|
VCID-849h-j5yz-aaan
Aliases: CVE-2023-46809 |
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/~hkario/marvin/, if PCKS #1 v1.5 padding is allowed when performing RSA descryption using a private key. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-ajr1-sm2f-2fh7
Aliases: CVE-2025-23083 |
nodejs: Node.js Worker Thread Exposure via Diagnostics Channel |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-ctqm-mmue-aaaf
Aliases: CVE-2024-21892 |
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-k3ej-p9y8-1qfk
Aliases: CVE-2025-47153 |
Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on i386 Debian always uses _FILE_OFFSET_BITS=64 for the libuv dynamic library, but uses the _FILE_OFFSET_BITS global system default of 32 for nodejs), leading to out-of-bounds access. NOTE: this is not a problem in the Node.js software itself. In particular, the Node.js website's download page does not offer prebuilt Node.js for Linux on i386. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-kr1n-t6yx-aaam
Aliases: CVE-2024-22025 |
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory, potentially leading to process termination, depending on the system configuration. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-pg8s-z1fe-aaac
Aliases: CVE-2024-22020 |
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-qnpk-1b3c-aaah
Aliases: CVE-2024-27982 |
The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-r97s-9mta-aaaj
Aliases: CVE-2024-22018 |
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-um2g-zequ-aaaf
Aliases: CVE-2024-22019 |
A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-w46h-uy5d-8qcp
Aliases: CVE-2025-23165 |
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Impact: * This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22. |
Affected by 0 other vulnerabilities. |
|
VCID-yjk5-q2yd-aaac
Aliases: CVE-2024-36137 |
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-23tg-44pz-cbcb | nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap |
CVE-2025-23085
|
| VCID-2hqt-4pa1-aaac | The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. |
CVE-2023-32002
|
| VCID-2sh1-yqq9-aaah | An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. |
CVE-2024-27983
|
| VCID-3a15-d62k-aaae | When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20. |
CVE-2023-30588
|
| VCID-76ck-4p9k-aaan | The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js |
CVE-2023-30581
|
| VCID-849h-j5yz-aaan | Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/~hkario/marvin/, if PCKS #1 v1.5 padding is allowed when performing RSA descryption using a private key. |
CVE-2023-46809
|
| VCID-hmkq-2p3p-aaac | The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 |
CVE-2023-30589
GHSA-cggh-pq45-6h9x |
| VCID-huhc-ydq5-aaaa | The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: "Generates private and public Diffie-Hellman key values". The documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad. |
CVE-2023-30590
|
| VCID-k3ej-p9y8-1qfk | Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on i386 Debian always uses _FILE_OFFSET_BITS=64 for the libuv dynamic library, but uses the _FILE_OFFSET_BITS global system default of 32 for nodejs), leading to out-of-bounds access. NOTE: this is not a problem in the Node.js software itself. In particular, the Node.js website's download page does not offer prebuilt Node.js for Linux on i386. |
CVE-2025-47153
|
| VCID-kr1n-t6yx-aaam | A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory, potentially leading to process termination, depending on the system configuration. |
CVE-2024-22025
|
| VCID-mj23-x76p-aaak | The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. |
CVE-2023-32006
|
| VCID-qnpk-1b3c-aaah | The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. |
CVE-2024-27982
|
| VCID-sv5v-pb1b-aaam | A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. |
CVE-2023-32559
|
| VCID-um2g-zequ-aaaf | A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits. |
CVE-2024-22019
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T19:06:03.446423+00:00 | Debian Importer | Affected by | VCID-w46h-uy5d-8qcp | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-22T17:59:42.728741+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | None | 36.1.3 |
| 2025-06-22T07:07:40.841698+00:00 | Debian Importer | Fixing | VCID-3a15-d62k-aaae | None | 36.1.3 |
| 2025-06-22T06:18:12.667720+00:00 | Debian Importer | Affected by | VCID-k3ej-p9y8-1qfk | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-22T06:02:19.095327+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | None | 36.1.3 |
| 2025-06-22T05:05:06.309961+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-22T04:41:27.455324+00:00 | Debian Importer | Affected by | VCID-6m5m-4t1s-s3da | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T09:07:16.146152+00:00 | Debian Importer | Fixing | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T08:48:54.992365+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T05:25:43.397543+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | None | 36.1.3 |
| 2025-06-21T04:56:52.588782+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T03:08:00.066291+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T02:26:46.945551+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T00:32:00.085845+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T00:28:16.928982+00:00 | Debian Importer | Fixing | VCID-sv5v-pb1b-aaam | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T00:19:40.201531+00:00 | Debian Importer | Fixing | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T00:02:39.325093+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T23:48:46.052847+00:00 | Debian Importer | Affected by | VCID-ajr1-sm2f-2fh7 | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T23:32:26.543490+00:00 | Debian Importer | Fixing | VCID-huhc-ydq5-aaaa | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T23:15:23.971446+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | None | 36.1.3 |
| 2025-06-20T23:14:57.507025+00:00 | Debian Importer | Fixing | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T23:00:15.080162+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T22:56:45.017575+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:34:26.035227+00:00 | Debian Importer | Affected by | VCID-23tg-44pz-cbcb | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:29:35.099034+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:19:37.121788+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:15:18.105445+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:14:36.602593+00:00 | Debian Importer | Fixing | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T20:43:12.359170+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T20:40:39.098244+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-05T14:30:14.432397+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-06-05T14:27:45.344991+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-06-01T13:17:42.414090+00:00 | Debian Importer | Affected by | VCID-6m5m-4t1s-s3da | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-06T18:48:41.899778+00:00 | Debian Oval Importer | Fixing | VCID-k3ej-p9y8-1qfk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-05-03T11:37:58.706769+00:00 | Debian Importer | Affected by | VCID-k3ej-p9y8-1qfk | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-13T03:04:10.586830+00:00 | Debian Oval Importer | Fixing | VCID-23tg-44pz-cbcb | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T02:00:05.626878+00:00 | Debian Oval Importer | Fixing | VCID-um2g-zequ-aaaf | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T02:00:00.771040+00:00 | Debian Oval Importer | Fixing | VCID-2sh1-yqq9-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:59:14.459492+00:00 | Debian Oval Importer | Fixing | VCID-849h-j5yz-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:58:49.059811+00:00 | Debian Oval Importer | Fixing | VCID-kr1n-t6yx-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:58:38.258953+00:00 | Debian Oval Importer | Fixing | VCID-huhc-ydq5-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:55:47.300999+00:00 | Debian Oval Importer | Fixing | VCID-qnpk-1b3c-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:52:41.153857+00:00 | Debian Oval Importer | Fixing | VCID-hmkq-2p3p-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T01:51:15.721782+00:00 | Debian Oval Importer | Fixing | VCID-sv5v-pb1b-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-06T21:47:31.825994+00:00 | Debian Importer | Fixing | VCID-huhc-ydq5-aaaa | None | 36.0.0 |
| 2025-04-06T16:22:00.201681+00:00 | Debian Importer | Fixing | VCID-sv5v-pb1b-aaam | None | 36.0.0 |
| 2025-04-06T12:26:47.867695+00:00 | Debian Importer | Affected by | VCID-23tg-44pz-cbcb | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-06T10:26:24.552652+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | None | 36.0.0 |
| 2025-04-06T00:46:54.397494+00:00 | Debian Importer | Fixing | VCID-3a15-d62k-aaae | None | 36.0.0 |
| 2025-04-05T23:50:13.295815+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | None | 36.0.0 |
| 2025-04-05T23:00:26.058128+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T06:23:33.652598+00:00 | Debian Importer | Fixing | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T06:04:55.730790+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T02:40:05.531735+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | None | 36.0.0 |
| 2025-04-05T02:21:40.130723+00:00 | Debian Importer | Affected by | VCID-ajr1-sm2f-2fh7 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T23:45:00.344199+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T07:46:20.472027+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T05:55:20.033976+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T03:36:27.269965+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T03:14:54.949123+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T03:10:58.490370+00:00 | Debian Importer | Fixing | VCID-sv5v-pb1b-aaam | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T03:02:11.597783+00:00 | Debian Importer | Fixing | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T02:44:15.117057+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T02:13:05.201597+00:00 | Debian Importer | Fixing | VCID-huhc-ydq5-aaaa | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T01:55:43.795182+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | None | 36.0.0 |
| 2025-04-04T01:55:17.844606+00:00 | Debian Importer | Fixing | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T01:39:44.917043+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T01:35:54.737969+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T01:12:27.330198+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T00:06:44.453142+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-03T23:57:35.881741+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-03T23:53:08.776768+00:00 | Debian Importer | Fixing | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-03T23:26:29.071082+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-02-21T23:29:15.889677+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T21:40:07.678311+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T21:40:06.344880+00:00 | Debian Importer | Fixing | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T21:39:54.773839+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T21:39:51.828584+00:00 | Debian Importer | Fixing | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:25.170746+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:24.492110+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:20.474587+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:07.220961+00:00 | Debian Importer | Fixing | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:06.497437+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:33:04.949256+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T18:32:07.251329+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T14:26:11.146425+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T14:26:10.476273+00:00 | Debian Importer | Fixing | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:36:39.675563+00:00 | Debian Importer | Fixing | VCID-sv5v-pb1b-aaam | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:36:39.000394+00:00 | Debian Importer | Fixing | VCID-sv5v-pb1b-aaam | None | 35.1.0 |
| 2025-02-21T11:25:13.448124+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | None | 35.1.0 |
| 2025-02-21T11:25:04.562466+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:24:45.096706+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | None | 35.1.0 |
| 2025-02-21T11:24:43.737550+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:07:54.435434+00:00 | Debian Importer | Fixing | VCID-huhc-ydq5-aaaa | None | 35.1.0 |
| 2025-02-21T11:07:49.364350+00:00 | Debian Importer | Fixing | VCID-huhc-ydq5-aaaa | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:07:39.593153+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | None | 35.1.0 |
| 2025-02-21T11:07:35.468668+00:00 | Debian Importer | Fixing | VCID-hmkq-2p3p-aaac | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-21T11:07:33.771211+00:00 | Debian Importer | Fixing | VCID-3a15-d62k-aaae | None | 35.1.0 |
| 2025-02-21T11:07:19.255587+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | None | 35.1.0 |
| 2025-02-21T11:07:09.689213+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2024-11-24T10:49:45.717983+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T09:30:54.841894+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T09:30:52.775269+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:02:23.134010+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:02:22.454910+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:02:19.741730+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:02:17.668361+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:02:16.275684+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T07:01:46.089178+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T03:30:56.256735+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T00:45:03.194807+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T00:44:57.277362+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-24T00:37:13.100477+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-10-11T06:43:22.850131+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T05:38:40.947157+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T05:38:40.172206+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:44:17.738444+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:44:15.570391+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:44:14.177699+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:44:13.415077+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:44:12.058984+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T03:43:47.142129+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-11T00:54:20.668421+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-10T22:32:25.688558+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-10T22:32:21.177822+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-10T22:18:02.220112+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-09-25T20:44:38.888548+00:00 | Debian Importer | Affected by | VCID-yjk5-q2yd-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-25T19:48:43.340881+00:00 | Debian Importer | Affected by | VCID-2sh1-yqq9-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-25T19:48:42.633453+00:00 | Debian Importer | Affected by | VCID-qnpk-1b3c-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:52.249505+00:00 | Debian Importer | Affected by | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:50.223719+00:00 | Debian Importer | Fixing | VCID-kr1n-t6yx-aaam | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:48.846051+00:00 | Debian Importer | Affected by | VCID-pg8s-z1fe-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:48.132550+00:00 | Debian Importer | Affected by | VCID-um2g-zequ-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:46.725674+00:00 | Debian Importer | Affected by | VCID-r97s-9mta-aaaj | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T07:50:25.626549+00:00 | Debian Importer | Affected by | VCID-ctqm-mmue-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T05:31:16.414934+00:00 | Debian Importer | Affected by | VCID-849h-j5yz-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T03:21:30.958850+00:00 | Debian Importer | Fixing | VCID-mj23-x76p-aaak | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T03:21:26.754326+00:00 | Debian Importer | Fixing | VCID-2hqt-4pa1-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-20T03:08:01.499110+00:00 | Debian Importer | Fixing | VCID-76ck-4p9k-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |