Search for packages
| purl | pkg:deb/debian/xmlsec1@1.2.14-1%2Bsqueeze1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7zat-xwhp-aaak
Aliases: CVE-2011-1425 |
xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification. |
Affected by 1 other vulnerability. |
|
VCID-9zw8-dcvx-aaae
Aliases: CVE-2017-1000061 |
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-kdf2-e615-aaaj | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. |
CVE-2009-3736
|
| VCID-s9fq-hc6s-aaad | XML signature HMAC truncation authentication bypass This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. |
CVE-2009-0217
GHSA-8hfm-837h-hjg5 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T16:28:17.915625+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:23:58.462809+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:07:16.274239+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:28:17.466584+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-20T23:32:13.203594+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | None | 36.1.3 |
| 2025-06-20T22:33:04.780434+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | None | 36.1.3 |
| 2025-06-20T22:09:17.009882+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | None | 36.1.3 |
| 2025-06-20T19:30:26.586611+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | None | 36.1.3 |
| 2025-06-08T12:13:49.431774+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:13:20.780490+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:57:20.545628+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:54:34.127363+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:14:11.644663+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:09:59.782499+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:00:45.835305+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:21:18.877819+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T16:55:08.931723+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | None | 36.1.0 |
| 2025-06-07T15:57:08.099301+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | None | 36.1.0 |
| 2025-06-07T15:33:16.215510+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | None | 36.1.0 |
| 2025-06-07T13:27:15.893796+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | None | 36.1.0 |
| 2025-04-12T17:59:31.849495+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:59:02.248386+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:42:32.079144+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:39:41.627508+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T07:46:09.774959+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:41:51.501416+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:33:06.076590+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:53:57.079777+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T15:28:08.641061+00:00 | Debian Oval Importer | Affected by | VCID-9zw8-dcvx-aaae | None | 36.0.0 |
| 2025-04-07T14:28:10.242209+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | None | 36.0.0 |
| 2025-04-07T14:04:14.842196+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | None | 36.0.0 |
| 2025-04-07T12:02:47.179003+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | None | 36.0.0 |
| 2024-11-28T05:05:27.234301+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T09:54:18.660482+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T00:23:09.747146+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-13T18:25:48.251106+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T05:23:48.237028+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-12T22:48:29.351650+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T01:50:41.068903+00:00 | Debian Oval Importer | Affected by | VCID-7zat-xwhp-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T20:38:22.155588+00:00 | Debian Oval Importer | Fixing | VCID-kdf2-e615-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T18:13:05.956177+00:00 | Debian Oval Importer | Fixing | VCID-s9fq-hc6s-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |