VulnerableCode Package Details - pkg:deb/debian/netsurf@3.6-3.1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-141q-nxrb-aaaa	The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.	CVE-2015-7506
VCID-2n1m-xefr-aaah	libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.	CVE-2015-7507
VCID-4qww-3wn9-aaag	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.	CVE-2014-3566
VCID-g9x9-6gp2-aaah	Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.	CVE-2015-7508
VCID-hq6u-kq61-aaap	Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.	CVE-2015-7505

Vulnerability

Summary

Aliases

VCID-141q-nxrb-aaaa

The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.

CVE-2015-7506

VCID-2n1m-xefr-aaah

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

CVE-2015-7507

VCID-4qww-3wn9-aaag

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVE-2014-3566

VCID-g9x9-6gp2-aaah

Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.

CVE-2015-7508

VCID-hq6u-kq61-aaap

Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.

CVE-2015-7505

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T18:56:01.371928+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-06-21T04:39:33.800141+00:00	Debian Oval Importer	Fixing	VCID-141q-nxrb-aaaa	None	36.1.3
2025-06-21T04:29:28.990843+00:00	Debian Oval Importer	Fixing	VCID-2n1m-xefr-aaah	None	36.1.3
2025-06-21T04:02:13.851466+00:00	Debian Oval Importer	Fixing	VCID-hq6u-kq61-aaap	None	36.1.3
2025-06-21T02:42:29.155079+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	None	36.1.3
2025-06-21T02:39:19.737926+00:00	Debian Oval Importer	Fixing	VCID-4qww-3wn9-aaag	None	36.1.3
2025-06-08T12:23:26.982754+00:00	Debian Oval Importer	Fixing	VCID-hq6u-kq61-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T11:25:30.484206+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-07T22:16:19.884101+00:00	Debian Oval Importer	Fixing	VCID-141q-nxrb-aaaa	None	36.1.0
2025-06-07T22:05:51.280437+00:00	Debian Oval Importer	Fixing	VCID-2n1m-xefr-aaah	None	36.1.0
2025-06-07T21:37:34.664328+00:00	Debian Oval Importer	Fixing	VCID-hq6u-kq61-aaap	None	36.1.0
2025-06-07T20:07:52.413329+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	None	36.1.0
2025-06-07T20:04:09.125489+00:00	Debian Oval Importer	Fixing	VCID-4qww-3wn9-aaag	None	36.1.0
2025-04-12T22:22:43.927162+00:00	Debian Oval Importer	Fixing	VCID-141q-nxrb-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T22:22:14.841454+00:00	Debian Oval Importer	Fixing	VCID-4qww-3wn9-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T21:11:28.825961+00:00	Debian Oval Importer	Fixing	VCID-2n1m-xefr-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:09:30.899620+00:00	Debian Oval Importer	Fixing	VCID-hq6u-kq61-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T17:09:37.763240+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-07T20:47:50.796620+00:00	Debian Oval Importer	Fixing	VCID-141q-nxrb-aaaa	None	36.0.0
2025-04-07T20:37:08.359529+00:00	Debian Oval Importer	Fixing	VCID-2n1m-xefr-aaah	None	36.0.0
2025-04-07T20:07:06.875915+00:00	Debian Oval Importer	Fixing	VCID-hq6u-kq61-aaap	None	36.0.0
2025-04-07T18:44:48.955944+00:00	Debian Oval Importer	Fixing	VCID-g9x9-6gp2-aaah	None	36.0.0
2025-04-07T18:41:32.967473+00:00	Debian Oval Importer	Fixing	VCID-4qww-3wn9-aaag	None	36.0.0

2025-06-21T18:56:01.371928+00:00

Debian Oval Importer

Fixing

VCID-g9x9-6gp2-aaah

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

36.1.3

2025-06-21T04:39:33.800141+00:00

Debian Oval Importer

Fixing