VulnerableCode Package Details - pkg:deb/debian/tla@1.3-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-8dyd-depr-aaam Aliases: CVE-2009-3560	The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.	1.3.5+dfsg-16 Affected by 0 other vulnerabilities.
VCID-c7e7-cdc7-aaam Aliases: CVE-2009-3720	The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.	1.3.5+dfsg-16 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-8dyd-depr-aaam
Aliases:
CVE-2009-3560

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.

1.3.5+dfsg-16
Affected by 0 other vulnerabilities.

VCID-c7e7-cdc7-aaam
Aliases:
CVE-2009-3720

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

1.3.5+dfsg-16
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T18:33:28.288780+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-06-21T17:37:26.030311+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T15:34:21.243700+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-20T23:12:48.395460+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	None	36.1.3
2025-06-20T20:36:14.590084+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	None	36.1.3
2025-06-08T13:01:44.169177+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T11:03:52.865171+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T10:11:41.991860+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T08:28:51.197595+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T16:35:55.304924+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	None	36.1.0
2025-06-07T14:08:46.354709+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	None	36.1.0
2025-04-12T18:49:10.284813+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T16:47:06.064158+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T15:52:29.359027+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T07:00:15.967561+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T15:08:05.886366+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	None	36.0.0
2025-04-07T12:42:17.399470+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	None	36.0.0
2024-11-27T09:26:08.161400+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	35.0.0
2024-11-27T08:15:15.605789+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	35.0.0
2024-10-13T05:02:53.313964+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.2
2024-10-13T04:13:02.212795+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.2
2024-09-20T20:29:43.535077+00:00	Debian Oval Importer	Affected by	VCID-c7e7-cdc7-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.1
2024-09-20T20:11:56.984713+00:00	Debian Oval Importer	Affected by	VCID-8dyd-depr-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.1