VulnerableCode Package Details - pkg:deb/debian/poco@1.11.0-3%2Bdeb12u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-546e-svdf-fyac Aliases: CVE-2025-6375	A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.	1.14.2-3 Affected by 0 other vulnerabilities. 1.14.2-4 Affected by 0 other vulnerabilities. 1.14.2-6 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-546e-svdf-fyac
Aliases:
CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component.

1.14.2-3
Affected by 0 other vulnerabilities.

1.14.2-4
Affected by 0 other vulnerabilities.

1.14.2-6
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2yhr-1v3n-p7a4	Integer Overflow or Wraparound UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0.	CVE-2023-52389

Vulnerability

Summary

Aliases

VCID-2yhr-1v3n-p7a4

Integer Overflow or Wraparound UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0.

CVE-2023-52389

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T17:50:12.457132+00:00	Debian Oval Importer	Fixing	VCID-2yhr-1v3n-p7a4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T18:26:26.395582+00:00	Debian Importer	Affected by	VCID-546e-svdf-fyac	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:36:13.984901+00:00	Debian Oval Importer	Fixing	VCID-2yhr-1v3n-p7a4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T18:17:19.542995+00:00	Debian Importer	Affected by	VCID-546e-svdf-fyac	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T17:23:45.001650+00:00	Debian Oval Importer	Fixing	VCID-2yhr-1v3n-p7a4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0