Search for packages
Package details: pkg:deb/debian/eglibc@2.11.3-4
purl pkg:deb/debian/eglibc@2.11.3-4
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (19)
Vulnerability Summary Fixed by
VCID-126p-hwx7-aaab
Aliases:
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-516p-q81c-aaac
Aliases:
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-5vtf-562w-aaam
Aliases:
CVE-2014-5119
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
2.13-38+deb7u6
Affected by 17 other vulnerabilities.
VCID-7c1g-7et9-aaab
Aliases:
CVE-2013-7424
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-7mps-j7m8-aaaq
Aliases:
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-7wat-27ue-aaac
Aliases:
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-86e2-3emx-aaac
Aliases:
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-a7g7-sv1u-aaae
Aliases:
CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-crqb-xv8r-aaan
Aliases:
CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-dw97-gxes-aaar
Aliases:
CVE-2012-6656
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-evhs-yhuh-aaac
Aliases:
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-hmph-8h2t-aaar
Aliases:
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-j1kz-azyx-aaac
Aliases:
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-mbha-r89p-aaaf
Aliases:
CVE-2015-1781
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-mh4w-3cse-aaae
Aliases:
CVE-2015-1473
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-q554-jg3k-aaaj
Aliases:
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
2.13-38+deb7u6
Affected by 17 other vulnerabilities.
VCID-rf6m-23qz-aaac
Aliases:
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-uwgz-2m3w-aaan
Aliases:
CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-zmwd-c2np-aaar
Aliases:
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T09:26:59.596568+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:26:06.928236+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:25:50.287323+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:53.644893+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:41.011019+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:40.010118+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:33.201122+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:16:27.384191+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:10:45.050021+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:09:04.621800+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:44.531163+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:26.766734+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:05:23.824429+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:00:28.745333+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:42.603846+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:21.172349+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:17.742457+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:58:16.627345+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:57:14.594211+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-20T19:35:06.568082+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.3
2025-06-20T19:33:56.773473+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.1.3
2025-06-20T19:31:18.826354+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.1.3
2025-06-20T19:27:01.956138+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.3
2025-06-20T19:23:57.070232+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.3
2025-06-08T03:15:07.190580+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:14:10.957215+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:13:54.613804+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:53.720685+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:40.643842+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:33.444927+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:25.627912+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:04:12.226624+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:58:11.619703+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:56:22.664808+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:56.123379+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:35.663346+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:52:27.872548+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:47:18.860848+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:28.688680+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:06.707219+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:03.237624+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:44:57.796987+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:43:50.349440+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T13:30:19.332579+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.0
2025-06-07T13:29:52.381681+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.1.0
2025-06-07T13:28:05.425788+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.1.0
2025-06-07T13:24:51.419951+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.0
2025-06-07T13:22:34.295740+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.0
2025-06-03T13:24:08.605668+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.2
2025-06-03T13:21:55.957971+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.2
2025-04-08T01:42:31.471755+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:33.616319+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:16.596864+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:15.938792+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:02.032336+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:58.669841+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:51.587904+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:31:24.452538+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:25:19.948207+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:23:35.234057+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:21:09.776983+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:20:50.992028+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:19:43.397325+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:14:28.727968+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:40.423514+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:18.275340+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:14.716301+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:12:12.072608+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:11:06.935846+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T12:05:46.306228+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.0.0
2025-04-07T12:05:19.659585+00:00 Debian Oval Importer Affected by VCID-q554-jg3k-aaaj None 36.0.0
2025-04-07T12:03:36.522940+00:00 Debian Oval Importer Affected by VCID-5vtf-562w-aaam None 36.0.0
2025-04-07T12:00:22.061363+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.0.0
2025-04-07T11:58:04.906361+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.0.0
2024-11-29T13:18:06.517769+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-11-29T03:18:54.829921+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-14T20:08:09.327632+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-14T10:43:27.127664+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-09-21T12:04:43.283667+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1
2024-09-21T08:38:57.565842+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1