Search for packages
Package details: pkg:deb/debian/netsurf@1.2-1
purl pkg:deb/debian/netsurf@1.2-1
Next non-vulnerable version 3.6-3.1
Latest non-vulnerable version 3.6-3.1
Risk 10.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-141q-nxrb-aaaa
Aliases:
CVE-2015-7506
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.
3.6-3.1
Affected by 0 other vulnerabilities.
VCID-2n1m-xefr-aaah
Aliases:
CVE-2015-7507
libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.
3.6-3.1
Affected by 0 other vulnerabilities.
VCID-4qww-3wn9-aaag
Aliases:
CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
3.6-3.1
Affected by 0 other vulnerabilities.
VCID-g9x9-6gp2-aaah
Aliases:
CVE-2015-7508
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.
3.6-3.1
Affected by 0 other vulnerabilities.
VCID-hq6u-kq61-aaap
Aliases:
CVE-2015-7505
Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.
3.6-3.1
Affected by 0 other vulnerabilities.
VCID-r1ec-rnpb-aaas
Aliases:
CVE-2012-0844
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.
2.9-2
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:56:01.364427+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T04:39:33.793475+00:00 Debian Oval Importer Affected by VCID-141q-nxrb-aaaa None 36.1.3
2025-06-21T04:29:28.984510+00:00 Debian Oval Importer Affected by VCID-2n1m-xefr-aaah None 36.1.3
2025-06-21T04:02:13.845505+00:00 Debian Oval Importer Affected by VCID-hq6u-kq61-aaap None 36.1.3
2025-06-21T02:42:29.148049+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah None 36.1.3
2025-06-21T02:39:19.731409+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.3
2025-06-21T01:35:53.464608+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas None 36.1.3
2025-06-08T12:58:44.094457+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:23:26.977963+00:00 Debian Oval Importer Affected by VCID-hq6u-kq61-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:25:30.478691+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-07T22:16:19.878498+00:00 Debian Oval Importer Affected by VCID-141q-nxrb-aaaa None 36.1.0
2025-06-07T22:05:51.275252+00:00 Debian Oval Importer Affected by VCID-2n1m-xefr-aaah None 36.1.0
2025-06-07T21:37:34.658550+00:00 Debian Oval Importer Affected by VCID-hq6u-kq61-aaap None 36.1.0
2025-06-07T20:07:52.408580+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah None 36.1.0
2025-06-07T20:04:09.120740+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.0
2025-06-07T18:58:57.100879+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas None 36.1.0
2025-04-12T22:22:43.910911+00:00 Debian Oval Importer Affected by VCID-141q-nxrb-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T22:22:14.826461+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:11:28.811109+00:00 Debian Oval Importer Affected by VCID-2n1m-xefr-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:46:03.847091+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:09:30.884237+00:00 Debian Oval Importer Affected by VCID-hq6u-kq61-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:09:37.748564+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-07T20:47:50.779973+00:00 Debian Oval Importer Affected by VCID-141q-nxrb-aaaa None 36.0.0
2025-04-07T20:37:08.344742+00:00 Debian Oval Importer Affected by VCID-2n1m-xefr-aaah None 36.0.0
2025-04-07T20:07:06.859615+00:00 Debian Oval Importer Affected by VCID-hq6u-kq61-aaap None 36.0.0
2025-04-07T18:44:48.939225+00:00 Debian Oval Importer Affected by VCID-g9x9-6gp2-aaah None 36.0.0
2025-04-07T18:41:32.945468+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.0.0
2025-04-07T17:36:48.298874+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas None 36.0.0
2024-11-28T19:12:16.877420+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-14T04:29:08.742734+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-21T05:59:33.043561+00:00 Debian Oval Importer Affected by VCID-r1ec-rnpb-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1