VulnerableCode Package Details - pkg:deb/ubuntu/dpkg@1.17.24ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/dpkg@1.17.24ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/dpkg@1.17.24ubuntu1

Next non-vulnerable version	1.18.24ubuntu1
Latest non-vulnerable version	1.18.24ubuntu1
Risk	4.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-v1fh-mtmc-aaab Aliases: CVE-2017-8283	dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.	1.18.24ubuntu1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-v83g-rs1y-aaaq	Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.	CVE-2014-8625

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version