Search for packages
Package details: pkg:deb/debian/eglibc@2.11.3-4%2Bdeb6u11
purl pkg:deb/debian/eglibc@2.11.3-4%2Bdeb6u11
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (19)
Vulnerability Summary Fixed by
VCID-126p-hwx7-aaab
Aliases:
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-516p-q81c-aaac
Aliases:
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-5vtf-562w-aaam
Aliases:
CVE-2014-5119
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
2.13-38+deb7u6
Affected by 17 other vulnerabilities.
VCID-7c1g-7et9-aaab
Aliases:
CVE-2013-7424
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-7mps-j7m8-aaaq
Aliases:
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-7wat-27ue-aaac
Aliases:
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-86e2-3emx-aaac
Aliases:
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-a7g7-sv1u-aaae
Aliases:
CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-crqb-xv8r-aaan
Aliases:
CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-dw97-gxes-aaar
Aliases:
CVE-2012-6656
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-evhs-yhuh-aaac
Aliases:
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-hmph-8h2t-aaar
Aliases:
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-j1kz-azyx-aaac
Aliases:
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-mbha-r89p-aaaf
Aliases:
CVE-2015-1781
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-mh4w-3cse-aaae
Aliases:
CVE-2015-1473
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-q554-jg3k-aaaj
Aliases:
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
2.13-38+deb7u6
Affected by 17 other vulnerabilities.
VCID-rf6m-23qz-aaac
Aliases:
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-uwgz-2m3w-aaan
Aliases:
CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-zmwd-c2np-aaar
Aliases:
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T09:26:59.599039+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:26:06.930821+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:25:50.290114+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:53.647104+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:41.013504+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:40.012319+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:33.203720+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:16:27.386242+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:10:45.052576+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:09:04.624207+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:44.532906+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:26.768651+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:05:23.826986+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:00:28.747254+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:42.606474+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:21.174435+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:17.744515+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:58:16.629811+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:57:14.596242+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-20T19:35:06.569828+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.3
2025-06-20T19:33:56.775336+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.1.3
2025-06-20T19:31:18.828767+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.1.3
2025-06-20T19:27:01.958357+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.3
2025-06-20T19:23:57.080736+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.3
2025-06-08T03:15:07.192270+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:14:10.959001+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:13:54.615802+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:53.722596+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:40.645499+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:33.446588+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:25.629527+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:04:12.228301+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:58:11.621716+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:56:22.666839+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:56.125058+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:35.665245+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:52:27.874243+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:47:18.862486+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:28.690717+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:06.709159+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:03.239732+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:44:57.798792+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:43:50.351743+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T13:30:19.334189+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.0
2025-06-07T13:29:52.383939+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.1.0
2025-06-07T13:28:05.427537+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.1.0
2025-06-07T13:24:51.421588+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.0
2025-06-07T13:22:34.297587+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.0
2025-06-03T13:24:08.607689+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.2
2025-06-03T13:21:55.959811+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.2
2025-04-08T01:42:31.477347+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:33.622001+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:16.602324+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:15.944481+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:02.037348+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:58.675687+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:51.592843+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:31:24.457602+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:25:19.954157+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:23:35.239550+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:21:09.782692+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:20:50.997427+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:19:43.402254+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:14:28.733717+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:40.429154+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:18.280990+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:14.721959+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:12:12.077883+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:11:06.941186+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T12:05:46.311177+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.0.0
2025-04-07T12:05:19.665037+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.0.0
2025-04-07T12:03:36.528460+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.0.0
2025-04-07T12:00:22.066778+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.0.0
2025-04-07T11:58:04.911282+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.0.0
2024-11-29T13:18:06.522999+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-11-29T03:18:54.835035+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-14T20:08:09.332589+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-14T10:43:27.132987+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-09-21T12:04:43.288946+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1
2024-09-21T08:38:57.572231+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1