VulnerableCode Package Details - pkg:ebuild/media-libs/xine-lib@0.9.23-r2

Search for packages

Package details: pkg:ebuild/media-libs/xine-lib@0.9.23-r2

Essentials
History (6)

purl	pkg:ebuild/media-libs/xine-lib@0.9.23-r2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-gjwn-nj5b-aaaf	xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.	CVE-2004-1951
VCID-npbk-aqyu-aaaj	xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.	CVE-2004-0372

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:38:53.177892+00:00	Gentoo Importer	Fixing	VCID-gjwn-nj5b-aaaf	https://security.gentoo.org/glsa/200404-20	36.0.0
2025-03-28T12:38:53.124661+00:00	Gentoo Importer	Fixing	VCID-npbk-aqyu-aaaj	https://security.gentoo.org/glsa/200404-20	36.0.0
2024-09-18T07:32:39.828292+00:00	Gentoo Importer	Fixing	VCID-gjwn-nj5b-aaaf	https://security.gentoo.org/glsa/200404-20	34.0.1
2024-09-18T07:32:39.769190+00:00	Gentoo Importer	Fixing	VCID-npbk-aqyu-aaaj	https://security.gentoo.org/glsa/200404-20	34.0.1
2024-01-04T01:39:05.184958+00:00	Gentoo Importer	Fixing	VCID-gjwn-nj5b-aaaf	https://security.gentoo.org/glsa/200404-20	34.0.0rc1
2024-01-04T01:39:05.126879+00:00	Gentoo Importer	Fixing	VCID-npbk-aqyu-aaaj	https://security.gentoo.org/glsa/200404-20	34.0.0rc1