Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/xmlsec1@1.2.14-1%2Bsqueeze1
purl pkg:deb/debian/xmlsec1@1.2.14-1%2Bsqueeze1
Next non-vulnerable version 1.2.27-2
Latest non-vulnerable version 1.2.27-2
Risk 9.2
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-12cg-us37-xbh8
Aliases:
CVE-2011-1425
This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.
1.2.18-2
Affected by 1 other vulnerability.
VCID-k6xx-j2uv-67a9
Aliases:
CVE-2017-1000061
xmlsec1: xmlsec vulnerable to external entity expansion
1.2.27-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-xzye-g5rw-fyh5 Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. CVE-2009-3736
VCID-z7ht-bq8z-3qgd XML signature HMAC truncation authentication bypass This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. CVE-2009-0217
GHSA-8hfm-837h-hjg5

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T17:48:59.610919+00:00 Debian Oval Importer Affected by VCID-12cg-us37-xbh8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:48:10.775532+00:00 Debian Oval Importer Fixing VCID-z7ht-bq8z-3qgd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:22:52.137345+00:00 Debian Oval Importer Affected by VCID-k6xx-j2uv-67a9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:18:41.334920+00:00 Debian Oval Importer Fixing VCID-xzye-g5rw-fyh5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T17:34:53.410115+00:00 Debian Oval Importer Affected by VCID-12cg-us37-xbh8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:34:05.513551+00:00 Debian Oval Importer Fixing VCID-z7ht-bq8z-3qgd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:09:17.964889+00:00 Debian Oval Importer Affected by VCID-k6xx-j2uv-67a9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:05:11.248627+00:00 Debian Oval Importer Fixing VCID-xzye-g5rw-fyh5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T17:22:38.089008+00:00 Debian Oval Importer Affected by VCID-12cg-us37-xbh8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:21:51.415213+00:00 Debian Oval Importer Fixing VCID-z7ht-bq8z-3qgd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:58:24.109827+00:00 Debian Oval Importer Affected by VCID-k6xx-j2uv-67a9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:54:28.689621+00:00 Debian Oval Importer Fixing VCID-xzye-g5rw-fyh5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0