VulnerableCode Package Details - pkg:deb/debian/cabextract@1.2-3%2Blenny1

Search for packages

Package details: pkg:deb/debian/cabextract@1.2-3%2Blenny1

Essentials
History (5)

purl	pkg:deb/debian/cabextract@1.2-3%2Blenny1

Next non-vulnerable version	1.6-1
Latest non-vulnerable version	1.6-1
Risk	3.0

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-7wzz-2yyd-zyg7 Aliases: CVE-2018-18584	In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.	1.4-5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-e11d-6mn7-hbaj Aliases: CVE-2010-2801		1.3-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fw9h-pgxq-h7cf Aliases: CVE-2015-2060	cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.	1.6-1 Affected by 0 other vulnerabilities.
VCID-nngc-cnq7-ukdr Aliases: CVE-2010-2800		1.3-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-rgjr-857v-fbdw Aliases: CVE-2014-9556		1.4-5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T18:00:14.692857+00:00	Debian Oval Importer	Affected by	VCID-e11d-6mn7-hbaj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:57:36.530794+00:00	Debian Oval Importer	Affected by	VCID-nngc-cnq7-ukdr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:49:30.926815+00:00	Debian Oval Importer	Affected by	VCID-fw9h-pgxq-h7cf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:00:32.318942+00:00	Debian Oval Importer	Affected by	VCID-rgjr-857v-fbdw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:42:57.807987+00:00	Debian Oval Importer	Affected by	VCID-7wzz-2yyd-zyg7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0