Search for packages
Package details: pkg:deb/debian/eglibc@2.13-38%2Bdeb7u6
purl pkg:deb/debian/eglibc@2.13-38%2Bdeb7u6
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (17)
Vulnerability Summary Fixed by
VCID-126p-hwx7-aaab
Aliases:
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-516p-q81c-aaac
Aliases:
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-7c1g-7et9-aaab
Aliases:
CVE-2013-7424
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-7mps-j7m8-aaaq
Aliases:
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-7wat-27ue-aaac
Aliases:
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-86e2-3emx-aaac
Aliases:
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-a7g7-sv1u-aaae
Aliases:
CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-crqb-xv8r-aaan
Aliases:
CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-dw97-gxes-aaar
Aliases:
CVE-2012-6656
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-evhs-yhuh-aaac
Aliases:
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-hmph-8h2t-aaar
Aliases:
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-j1kz-azyx-aaac
Aliases:
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-mbha-r89p-aaaf
Aliases:
CVE-2015-1781
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-mh4w-3cse-aaae
Aliases:
CVE-2015-1473
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-rf6m-23qz-aaac
Aliases:
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
VCID-uwgz-2m3w-aaan
Aliases:
CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
2.13-38+deb7u10
Affected by 1 other vulnerability.
VCID-zmwd-c2np-aaar
Aliases:
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
2.13-38+deb7u8
Affected by 8 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-5vtf-562w-aaam Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules. CVE-2014-5119
VCID-q554-jg3k-aaaj Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable. CVE-2014-0475

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T09:26:59.601473+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:26:06.934124+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:25:50.292915+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:53.649286+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:24:41.015969+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:40.014518+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:23:33.206216+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:16:27.388182+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:10:45.055006+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:09:04.626460+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:44.534634+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:26.770470+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:05:23.829828+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:00:28.749052+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:42.608480+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:21.176230+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:59:17.746497+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:58:16.631927+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T08:57:14.598279+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-20T19:35:06.571542+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.3
2025-06-20T19:33:56.776960+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj None 36.1.3
2025-06-20T19:31:18.830826+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam None 36.1.3
2025-06-20T19:27:01.960474+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.3
2025-06-20T19:23:57.083719+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.3
2025-06-08T03:15:07.193840+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:14:10.960585+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:13:54.617389+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:53.724384+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:12:40.647038+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:33.448112+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:11:25.631263+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:04:12.229908+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:58:11.623621+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:56:22.668767+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:56.126597+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:35.666872+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:52:27.875876+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:47:18.864021+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:28.692655+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:06.711020+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:46:03.242167+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:44:57.800665+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:43:50.353867+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T13:30:19.335731+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.1.0
2025-06-07T13:29:52.385605+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj None 36.1.0
2025-06-07T13:28:05.429132+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam None 36.1.0
2025-06-07T13:24:51.423151+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.0
2025-06-07T13:22:34.299149+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.0
2025-06-03T13:24:08.609242+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.1.2
2025-06-03T13:21:55.961569+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.1.2
2025-04-08T01:42:31.482800+00:00 Debian Oval Importer Affected by VCID-7c1g-7et9-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:33.627433+00:00 Debian Oval Importer Affected by VCID-uwgz-2m3w-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:41:16.607919+00:00 Debian Oval Importer Affected by VCID-86e2-3emx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:15.949914+00:00 Debian Oval Importer Affected by VCID-j1kz-azyx-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:40:02.042238+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:58.681142+00:00 Debian Oval Importer Affected by VCID-516p-q81c-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:38:51.597988+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:31:24.462532+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:25:19.960301+00:00 Debian Oval Importer Affected by VCID-crqb-xv8r-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:23:35.245078+00:00 Debian Oval Importer Affected by VCID-7mps-j7m8-aaaq https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:21:09.788036+00:00 Debian Oval Importer Affected by VCID-126p-hwx7-aaab https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:20:51.002983+00:00 Debian Oval Importer Affected by VCID-a7g7-sv1u-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:19:43.407630+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:14:28.739206+00:00 Debian Oval Importer Affected by VCID-mbha-r89p-aaaf https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:40.434592+00:00 Debian Oval Importer Affected by VCID-mh4w-3cse-aaae https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:18.286361+00:00 Debian Oval Importer Affected by VCID-7wat-27ue-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:13:14.727408+00:00 Debian Oval Importer Affected by VCID-evhs-yhuh-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:12:12.083427+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:11:06.946927+00:00 Debian Oval Importer Affected by VCID-rf6m-23qz-aaac https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T12:05:46.316007+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar None 36.0.0
2025-04-07T12:05:19.670513+00:00 Debian Oval Importer Fixing VCID-q554-jg3k-aaaj None 36.0.0
2025-04-07T12:03:36.533892+00:00 Debian Oval Importer Fixing VCID-5vtf-562w-aaam None 36.0.0
2025-04-07T12:00:22.072066+00:00 Debian Oval Importer Affected by VCID-hmph-8h2t-aaar None 36.0.0
2025-04-07T11:58:04.916140+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar None 36.0.0
2024-11-29T13:18:06.528007+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-11-29T03:18:54.839848+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-14T20:08:09.337392+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-14T10:43:27.137841+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-09-21T12:04:43.294194+00:00 Debian Oval Importer Affected by VCID-dw97-gxes-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1
2024-09-21T08:38:57.578463+00:00 Debian Oval Importer Affected by VCID-zmwd-c2np-aaar https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1