Fix: handle 0 ports case in get_port_lists filter

[timopollmeier]

What

The SQL for getting the port counts is adjusted to correctly handle the cases where there are no TCP, UDP or any ports.

Why

Without this fix, sorting using the "tcp", "udp" or "total" filter column would return port lists with no ports of the selected type in the wrong order.

References

GEA-1218

[github-actions]

🔍 Vulnerabilities of harbor-os.greenbone.net/community/gvmd:2528-merge-amd64

📦 Image Reference harbor-os.greenbone.net/community/gvmd:2528-merge-amd64

digest	sha256:19f667da21e061c356a35e7dac16a1ce16873d86162940b89b5e189dff808c37
vulnerabilities
size	282 MB
packages	429

📦 Base Image debian:stable-20250811-slim

also known as	stable-slim
digest	sha256:a1c1968fb091b256477e675a99ab3fa6f4c2d047ae7f506f92255cf5f0c2cf5e
vulnerabilities

python3.13 3.13.5-2 (deb) pkg:deb/debian/python3.13@3.13.5-2?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.13.5-2 Fixed version Not Fixed EPSS Score 0.09% EPSS Percentile 26th percentile Description There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module:  https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1 python3.13 3.13.6-1 python3.12 python3.11 [bookworm] - python3.11 (Minor issue) python3.9 [bullseye] - python3.9 (Minor issue) python2.7 [bullseye] - python2.7 (EOL in bullseye LTS) tarfile.StreamError: seeking backwards is not allowed due to unskipped block with bad checksum python/cpython#130577 gh-130577: tarfile now validates archives to ensure member offsets are non-negative python/cpython#137027 https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/ Fixed by: python/cpython@7040aa5 (main) Fixed by: python/cpython@cdae923 (3.13-branch) Affected range >=3.13.5-2 Fixed version Not Fixed EPSS Score 0.09% EPSS Percentile 26th percentile Description The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. python3.13 3.13.6-1 python3.12 python3.11 [bookworm] - python3.11 (Minor issue) python3.9 [bullseye] - python3.9 (Minor issue; can be fixed in next update) python2.7 [bullseye] - python2.7 (EOL in bullseye LTS) pypy3 [trixie] - pypy3 (Minor issue) [bookworm] - pypy3 (Minor issue) [bullseye] - pypy3 (Minor issue; DoS) jython (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109376) [trixie] - jython (Minor issue) [bookworm] - jython (Minor issue) [bullseye] - jython (EOL in bullseye LTS) https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/ Worst case quadratic complexity in HTMLParser python/cpython#135462 gh-135462: Fix quadratic complexity in processing special input in HTMLParser python/cpython#135464 python/cpython@6eb6c5d (main) python/cpython@d851f8e (v3.14.0b3) python/cpython@4455cba (3.13-branch)

libxslt 1.1.35-1.2+deb13u1 (deb) pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.1.35-1.2 Fixed version Not Fixed EPSS Score 0.02% EPSS Percentile 3rd percentile Description A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. libxslt (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109122) https://bugzilla.redhat.com/show_bug.cgi?id=2379274 https://gitlab.gnome.org/GNOME/libxslt/-/issues/140 While the issue is underlying in libxslt (and the CVE assigned for it), a mitigation can be implemented in src:libxml2, cf. https://gitlab.gnome.org/GNOME/libxslt/-/issues/140#note_2479674 and followups. Mitigated by https://gitlab.gnome.org/GNOME/libxml2/-/commit/9de92ed78d8495527c5d7a4d0cc76c1f83768195 (2.14) https://gitlab.gnome.org/GNOME/libxml2/-/commit/f1e1f13b766eb580a8dcc0c4e7a447346dfd862e (master) Mitigation landed in sid in 2.14.5+dfsg-0.1 Affected range >=1.1.35-1.2 Fixed version Not Fixed EPSS Score 0.98% EPSS Percentile 76th percentile Description In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs. libxslt (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859796) https://bugzilla.gnome.org/show_bug.cgi?id=758400 https://bugzilla.suse.com/show_bug.cgi?id=934119 There's no indication that math.random() in intended to ensure cryptographic randomness requirements. Proper seeding needs to happen in the application using libxslt.

tar 1.35+dfsg-3.1 (deb) pkg:deb/debian/tar@1.35%2Bdfsg-3.1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.35+dfsg-3.1 Fixed version Not Fixed EPSS Score 0.04% EPSS Percentile 11th percentile Description GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). Disputed tar issue, works as documented per upstream: https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md Affected range >=1.35+dfsg-3.1 Fixed version Not Fixed EPSS Score 3.25% EPSS Percentile 87th percentile Description Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. This is intended behaviour, after all tar is an archiving tool and you need to give -p as a command line flag tar (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328228; unimportant)

texlive-bin 2024.20240313.70630+ds-6 (deb) pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.02% EPSS Percentile 4th percentile Description TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem. texlive-bin (unimportant) https://tug.org/pipermail/tex-live/2023-August/049406.html Crash in CLI tool, negligible security impact Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 5th percentile Description Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem. texlive-bin (unimportant) https://tug.org/pipermail/tex-live/2023-August/049400.html Crash in CLI tool, negligible security impact Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.31% EPSS Percentile 54th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.27% EPSS Percentile 50th percentile Description OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.29% EPSS Percentile 52nd percentile Description OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x65fc97. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b544e. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e412a. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0a32. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0473. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b55af. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b03b5. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.22% EPSS Percentile 44th percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05aa. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0466. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0d63. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x617087. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c08a6. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adb11. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b558f. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b064d. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.20% EPSS Percentile 42nd percentile Description OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e7e3d. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.15% EPSS Percentile 37th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.16% EPSS Percentile 38th percentile Description OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.17% EPSS Percentile 39th percentile Description OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693. texlive-bin (unimportant) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Crash in CLI tool, no security impact and affected code not built, see as well #1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.41% EPSS Percentile 61st percentile Description OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602) [bullseye] - texlive-bin (Vulnerable code not present) [buster] - texlive-bin (Vulnerable code not present) Affected code not built, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602 Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.44% EPSS Percentile 62nd percentile Description OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf. texlive-bin (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949630) Buffer overflow in the TexOpen() function pkubowicz/opendetex#60 Debian builds using the kpathsea codepaths. Affected range >=2024.20240313.70630+ds-6 Fixed version Not Fixed EPSS Score 0.51% EPSS Percentile 65th percentile Description TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua. texlive-base (unimportant) [wheezy] - texlive-base (Vulnerable code do not exist) texlive-bin (unimportant) [wheezy] - texlive-bin (Vulnerable code do not exist) context (unimportant) [wheezy] - context (Vulnerable code do not exist) https://sources.debian.org/src/texlive-base/2017.20171128-1/texmf-dist/tex/luatex/lualibs/lualibs-os.lua/#L153 https://sources.debian.org/src/texlive-bin/2016.20160513.41080.dfsg-2/texk/texlive/linked_scripts/context/stubs/unix/mtxrun/#L3004 https://sources.debian.org/src/context/2017.05.15.20170613-2/texmf-dist/scripts/context/stubs/mswin/mtxrun.lua/?hl=3424#L3424

openssh 1:10.0p1-7 (deb) pkg:deb/debian/openssh@1:10.0p1-7?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 1st percentile Description OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. openssh (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059393; unimportant) https://arxiv.org/abs/2309.02545 Upstream does not consider CVE-2023-51767 a bug underlying in OpenSSH and does not intent to address it in OpenSSH. To todays knowledge (2024-03-13) it has not been demonstrated that the issue is exploitable in any real software configuration. Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 67.53% EPSS Percentile 99th percentile Description scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." openssh (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=1860487 https://github.com/cpandya2909/CVE-2020-15778 Negligible security impact, changing the scp protocol can have a good chance of breaking existing workflows. Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 2.06% EPSS Percentile 83rd percentile Description The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected. openssh (unimportant) https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/ https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf The OpenSSH project is not planning to change the behaviour of OpenSSH regarding the issue, details in "3.1 OpenSSH" in the publication. Partial mitigation: https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d (V_8_4_P1) Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 53.11% EPSS Percentile 98th percentile Description In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. openssh (unimportant) https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Not considered a vulnerability by upstream, cf. https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-January/037475.html Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 0.72% EPSS Percentile 72nd percentile Description Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.' openssh (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503) https://www.openwall.com/lists/oss-security/2018/08/27/2 Not treated as a security issue by upstream Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 25.27% EPSS Percentile 96th percentile Description OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product openssh (unimportant) CVE-2016-20012 - Publickey Information leak - Only allow SSH_MSG_USERAUTH_REQUEST with signature openssh/openssh-portable#270 Negligible impact, not treated as a security issue by upstream Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 2.79% EPSS Percentile 86th percentile Description sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username. openssh (unimportant) this is by design Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 0.66% EPSS Percentile 70th percentile Description OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243. openssh (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436571; unimportant) [etch] - openssh (Minor issue) [sarge] - openssh (Minor issue) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=112279 Affected range >=1:10.0p1-7 Fixed version Not Fixed EPSS Score 0.48% EPSS Percentile 64th percentile Description OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. openssh (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436571; unimportant) [etch] - openssh (Minor issue) [sarge] - openssh (Minor issue)

glibc 2.41-12 (deb) pkg:deb/debian/glibc@2.41-12?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.16% EPSS Percentile 38th percentile Description In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern glibc (unimportant) eglibc (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=24269 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.23% EPSS Percentile 46th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22853 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.38% EPSS Percentile 58th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22852 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.70% EPSS Percentile 71st percentile Description GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22851 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.14% EPSS Percentile 35th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22850 Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 2.05% EPSS Percentile 83rd percentile Description In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep. glibc (unimportant) eglibc (unimportant) https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions Affected range >=2.41-12 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. glibc (unimportant) eglibc (unimportant) That's standard POSIX behaviour implemented by (e)glibc. Applications using glob need to impose limits for themselves

elfutils 0.192-4 (deb) pkg:deb/debian/elfutils@0.192-4?os_distro=trixie&os_name=debian&os_version=13 Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.06% EPSS Percentile 20th percentile Description A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32673 https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 14th percentile Description A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32672 https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 7th percentile Description A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32656 https://sourceware.org/bugzilla/show_bug.cgi?id=32657 https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 6th percentile Description A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32655 https://sourceware.org/git/?p=elfutils.git;a=commit;h=b38e562a4c907e08171c76b8b2def8464d5a104a Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 6th percentile Description A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32654 https://sourceware.org/git/?p=elfutils.git;a=commit;h=5e5c0394d82c53e97750fe7b18023e6f84157b81 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.14% EPSS Percentile 34th percentile Description A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32650 Fixed by: https://sourceware.org/git/?p=elfutils.git;a=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.192-4 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 2nd percentile Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/git/?p=elfutils.git;a=commit;h=373f5212677235fc3ca6068b887111554790f944 Crash in CLI tool, considered only to be a normal bug by upstream

systemd 257.7-1 (deb) pkg:deb/debian/systemd@257.7-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=257.7-1 Fixed version Not Fixed EPSS Score 0.09% EPSS Percentile 27th percentile Description An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=257.7-1 Fixed version Not Fixed EPSS Score 0.10% EPSS Percentile 28th percentile Description An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=257.7-1 Fixed version Not Fixed EPSS Score 0.13% EPSS Percentile 33rd percentile Description An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=257.7-1 Fixed version Not Fixed EPSS Score 0.07% EPSS Percentile 21st percentile Description systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. systemd (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357) [wheezy] - systemd (/etc/tmpfiles.d not supported in Wheezy) https://bugzilla.redhat.com/show_bug.cgi?id=859060 only relevant to systems running systemd along with selinux

rpm 4.20.1+dfsg-3 (deb) pkg:deb/debian/rpm@4.20.1%2Bdfsg-3?os_distro=trixie&os_name=debian&os_version=13 Affected range >=4.20.1+dfsg-3 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 15th percentile Description It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation. rpm (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=1452133 Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway) Affected range >=4.20.1+dfsg-3 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 15th percentile Description It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege. rpm (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=1450369 Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway) Affected range >=4.20.1+dfsg-3 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 13th percentile Description lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL, a related issue to CVE-2010-2059. rpm (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584257; unimportant) Marking as unimportant since rpm isn't used as a package manager Affected range >=4.20.1+dfsg-3 Fixed version Not Fixed EPSS Score 0.05% EPSS Percentile 14th percentile Description lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by creating a hard link to a vulnerable file that has (1) POSIX file capabilities or (2) SELinux context information, a related issue to CVE-2010-2059. rpm (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584257; unimportant) Marking as unimportant since rpm isn't used as a package manager

openldap 2.6.10+dfsg-1 (deb) pkg:deb/debian/openldap@2.6.10%2Bdfsg-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.6.10+dfsg-1 Fixed version Not Fixed EPSS Score 0.37% EPSS Percentile 58th percentile Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux. openldap (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965184) https://bugs.openldap.org/show_bug.cgi?id=9266 https://bugzilla.redhat.com/show_bug.cgi?id=1740070 RedHat/CentOS applied patch: https://git.centos.org/rpms/openldap/raw/67459960064be9d226d57c5f82aaba0929876813/f/SOURCES/openldap-tlso-dont-check-cn-when-bad-san.patch OpenLDAP upstream did dispute the issue as beeing valid, as the current libldap behaviour does conform with RFC4513. RFC6125 does not superseed the rules for verifying service identity provided in specifications for existing application protocols published prior to RFC6125, like RFC4513 for LDAP. Affected range >=2.6.10+dfsg-1 Fixed version Not Fixed EPSS Score 2.84% EPSS Percentile 86th percentile Description contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. openldap (unimportant) http://www.openldap.org/its/index.cgi/Incoming?id=8759 nops slapd-module not built Affected range >=2.6.10+dfsg-1 Fixed version Not Fixed EPSS Score 0.11% EPSS Percentile 31st percentile Description slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as demonstrated by openldap-initscript. openldap (unimportant) http://www.openldap.org/its/index.cgi?findid=8703 Negligible security impact, but filed #877512 Affected range >=2.6.10+dfsg-1 Fixed version Not Fixed EPSS Score 1.76% EPSS Percentile 82nd percentile Description The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. openldap (unimportant) Debian builds with GNUTLS, not NSS

krb5 1.21.3-5 (deb) pkg:deb/debian/krb5@1.21.3-5?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.21.3-5 Fixed version Not Fixed EPSS Score 0.08% EPSS Percentile 25th percentile Description Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. krb5 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098754; unimportant) https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md Fixed by: krb5/krb5@c5f9c81 Codepath cannot be triggered via API calls, negligible security impact https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html Affected range >=1.21.3-5 Fixed version Not Fixed EPSS Score 0.21% EPSS Percentile 43rd percentile Description Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. krb5 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098754; unimportant) https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md Fixed by: krb5/krb5@c5f9c81 Unused codepath, negligible security impact https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html Affected range >=1.21.3-5 Fixed version Not Fixed EPSS Score 0.46% EPSS Percentile 63rd percentile Description An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. krb5 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889684) https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow non-issue, codepath is only run on trusted input, potential integer overflow is non-issue

zziplib 0.13.78+dfsg.1-0.1 (deb) pkg:deb/debian/zziplib@0.13.78%2Bdfsg.1-0.1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=0.13.78+dfsg.1-0.1 Fixed version Not Fixed EPSS Score 0.09% EPSS Percentile 27th percentile Description An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. zziplib (unimportant) There are memory leaks in zziplib v0.13.68 which is trigged in zzip_mem_disk_new(in zzip/memdisk.c:78) gdraheim/zziplib#40 gdraheim/zziplib@83a2da5 (v0.13.69) unzzipcat-mem and unzzipdir-mem not installed into binary packages. Affected range >=0.13.78+dfsg.1-0.1 Fixed version Not Fixed EPSS Score 0.28% EPSS Percentile 51st percentile Description In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. zziplib (unimportant) Bus error when handling (root seek of disk64_trailer) in zzip_disk_findfirst (src/zzip/mmapped.c) [CVE-2018-6542] gdraheim/zziplib#17 gdraheim/zziplib@931f962 (v0.13.68) Negligible impact and unzzipcat utility not installed into binary packages Affected range >=0.13.78+dfsg.1-0.1 Fixed version Not Fixed EPSS Score 0.59% EPSS Percentile 68th percentile Description Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. zziplib (unimportant) Directory traversal vulnerability in zziplib 0.13.69 gdraheim/zziplib#62 unzzipcat-mem not installed into the binary packages

libarchive 3.7.4-4 (deb) pkg:deb/debian/libarchive@3.7.4-4?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.7.4-4 Fixed version Not Fixed EPSS Score 0.02% EPSS Percentile 2nd percentile Description list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. libarchive (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103479) https://github.com/Ekkosun/pocs/blob/main/bsdtarbug CVE-2025-25724 reported upstream libarchive/libarchive#2529 Initial fix (incomplete): libarchive/libarchive@c9bc934 (master) Initial fix (incomplete): libarchive/libarchive@8ce2aca (v3.7.8) Proper fix proposal: Fix CVE-2025-25724 by checking the result of the strftime libarchive/libarchive#2710 Crash in CLI tool, no security impact Affected range >=3.7.4-4 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 1st percentile Description Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race condition could lead to implicit directory creation with permissions 0777 (without the sticky bit), which means that any low-privileged local user can delete and rename files inside those directories. libarchive (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037093; unimportant) Race condition in multi-threaded use of archive_write_disk_header() on posix based systems libarchive/libarchive#1876 libarchive does not officially support multi-threaded use archive_read_disk and archive_write_disk API functions. Upstream aims to clarify the documentation: Race condition in multi-threaded use of archive_write_disk_header() on posix based systems libarchive/libarchive#1876 (comment) We'll use the first version to include the documentation update as fixed version

coreutils 9.7-3 (deb) pkg:deb/debian/coreutils@9.7-3?os_distro=trixie&os_name=debian&os_version=13 Affected range >=9.7-3 Fixed version Not Fixed EPSS Score 0.02% EPSS Percentile 3rd percentile Description A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. coreutils (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106733; unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://lists.gnu.org/archive/html/bug-coreutils/2025-05/msg00036.html https://lists.gnu.org/archive/html/bug-coreutils/2025-05/msg00040.html https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://www.openwall.com/lists/oss-security/2025/05/27/2 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=78507 Crash in CLI tool, no security impact Affected range >=9.7-3 Fixed version Not Fixed EPSS Score 0.06% EPSS Percentile 17th percentile Description In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. coreutils (unimportant) http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://www.openwall.com/lists/oss-security/2018/01/04/3 Documentation patches proposed: https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html Neutralised by kernel hardening

libgcrypt20 1.11.0-7 (deb) pkg:deb/debian/libgcrypt20@1.11.0-7?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.11.0-7 Fixed version Not Fixed EPSS Score 0.31% EPSS Percentile 54th percentile Description A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. libgcrypt20 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065683) https://bugzilla.redhat.com/show_bug.cgi?id=2268268 https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt https://people.redhat.com/~hkario/marvin/ https://dev.gnupg.org/T7136 https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17 Not in scope for libgcrypt security policy, work ongoing to add support in the protocol layer Affected range >=1.11.0-7 Fixed version Not Fixed EPSS Score 1.20% EPSS Percentile 78th percentile Description cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. libgcrypt20 (unimportant) libgcrypt11 (unimportant) gnupg1 (unimportant) gnupg (unimportant) https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html GnuPG uses ElGamal in hybrid mode only. This is not a vulnerability in libgcrypt, but in an application using it in an insecure manner, see also https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004401.html

texlive-base 2024.20250309-1 (deb) pkg:deb/debian/texlive-base@2024.20250309-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2024.20250309-1 Fixed version Not Fixed EPSS Score 0.51% EPSS Percentile 65th percentile Description TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua. texlive-base (unimportant) [wheezy] - texlive-base (Vulnerable code do not exist) texlive-bin (unimportant) [wheezy] - texlive-bin (Vulnerable code do not exist) context (unimportant) [wheezy] - context (Vulnerable code do not exist) https://sources.debian.org/src/texlive-base/2017.20171128-1/texmf-dist/tex/luatex/lualibs/lualibs-os.lua/#L153 https://sources.debian.org/src/texlive-bin/2016.20160513.41080.dfsg-2/texk/texlive/linked_scripts/context/stubs/unix/mtxrun/#L3004 https://sources.debian.org/src/context/2017.05.15.20170613-2/texmf-dist/scripts/context/stubs/mswin/mtxrun.lua/?hl=3424#L3424

gnutls28 3.8.9-3 (deb) pkg:deb/debian/gnutls28@3.8.9-3?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.8.9-3 Fixed version Not Fixed EPSS Score 4.51% EPSS Percentile 89th percentile Description The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. sun-java6 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645881) [lenny] - sun-java6 (Non-free not supported) [squeeze] - sun-java6 (Non-free not supported) openjdk-6 6b23~pre11-1 openjdk-7 7~b147-2.0-1 iceweasel (Vulnerable code not present) http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ chromium-browser 15.0.874.106~r107270-1 [squeeze] - chromium-browser lighttpd 1.4.30-1 strictly speaking this is no lighttpd issue, but lighttpd adds a workaround curl 7.24.0-1 http://curl.haxx.se/docs/adv_20120124B.html python2.6 2.6.8-0.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684511) [squeeze] - python2.6 (Minor issue) python2.7 2.7.3~rc1-1 python3.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678998) [squeeze] - python3.1 (Minor issue) python3.2 3.2.3~rc1-1 http://bugs.python.org/issue13885 python3.1 is fixed starting 3.1.5 cyassl gnutls26 (unimportant) gnutls28 (unimportant) No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 which is supported since 2.0.0 haskell-tls (unimportant) No mitigation for haskell-tls, it is recommended to use TLS 1.1, which is supported since 0.2 matrixssl (low) [squeeze] - matrixssl (Minor issue) [wheezy] - matrixssl (Minor issue) matrixssl fix this upstream in 3.2.2 bouncycastle 1.49+dfsg-1 [squeeze] - bouncycastle (Minor issue) [wheezy] - bouncycastle (Minor issue) No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9 nss 3.13.1.with.ckbi.1.88-1 https://bugzilla.mozilla.org/show_bug.cgi?id=665814 https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab polarssl (unimportant) No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases tlslite [wheezy] - tlslite (Minor issue) pound 2.6-2 Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks. erlang 1:15.b-dfsg-1 [squeeze] - erlang (Minor issue) asterisk 1:13.7.2dfsg-1 [jessie] - asterisk 1:11.13.1dfsg-2+deb8u1 [wheezy] - asterisk (Minor issue) [squeeze] - asterisk (Not supported in Squeeze LTS) http://downloads.digium.com/pub/security/AST-2016-001.html https://issues.asterisk.org/jira/browse/ASTERISK-24972 patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4 all versions vulnerable, backport required for wheezy

gnupg2 2.4.7-21 (deb) pkg:deb/debian/gnupg2@2.4.7-21?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.4.7-21 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 1st percentile Description GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. gnupg2 (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://www.openwall.com/lists/oss-security/2022/07/04/8 GnuPG upstream is not implementing this change.

pixman 0.44.0-3 (deb) pkg:deb/debian/pixman@0.44.0-3?os_distro=trixie&os_name=debian&os_version=13 Affected range >=0.44.0-3 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 7th percentile Description stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c. pixman (unimportant) https://gitlab.freedesktop.org/pixman/pixman/-/issues/76 Crash in test tool, no security impact

jansson 2.14-2 (deb) pkg:deb/debian/jansson@2.14-2?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.14-2 Fixed version Not Fixed EPSS Score 0.32% EPSS Percentile 55th percentile Description An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification jansson (unimportant) OOB Read memory corruption bug akheron/jansson#548 Disputed security impact (only if programmer fails to follow API specifications)

openssl 3.5.1-1 (deb) pkg:deb/debian/openssl@3.5.1-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.2.1-3 Fixed version Not Fixed EPSS Score 0.11% EPSS Percentile 30th percentile Description OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack." http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf openssl/openssl#24540 Fault injection based attacks are not within OpenSSLs threat model according to the security policy: https://www.openssl.org/policies/general/security-policy.html

util-linux 2.41-5 (deb) pkg:deb/debian/util-linux@2.41-5?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.41-5 Fixed version Not Fixed EPSS Score 0.03% EPSS Percentile 5th percentile Description A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. util-linux (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2053151 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u util-linux/util-linux@faa5a3a util-linux in Debian does build with readline support but chfn and chsh are provided by src:shadow and util-linux is configured with --disable-chfn-chsh

libxml2 2.12.7+dfsg+really2.9.14-2.1 (deb) pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.12.7+dfsg+really2.9.14-2.1 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 2nd percentile Description A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all." libxml2 (unimportant) https://gitlab.gnome.org/GNOME/libxml2/-/issues/958 https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853 Issue can only be triggered with untrusted SGML, negligible security impact

hiredis 1.2.0-6 (deb) pkg:deb/debian/hiredis@1.2.0-6?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.2.0-6 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 1st percentile Description Buffer Overflow in hiredis 1.2.0 allows a local attacker to cause a denial of service via the sdscatlen function. REJECTED

cairo 1.18.4-1 (deb) pkg:deb/debian/cairo@1.18.4-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.18.4-1 Fixed version Not Fixed EPSS Score 0.51% EPSS Percentile 65th percentile Description cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). cairo (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916083) https://gitlab.freedesktop.org/cairo/cairo/issues/341 Negligible security impact

libpng1.6 1.6.48-1 (deb) pkg:deb/debian/libpng1.6@1.6.48-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.6.48-1 Fixed version Not Fixed EPSS Score 0.06% EPSS Percentile 18th percentile Description A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. libpng1.6 (unimportant) A potential heap overflow issue pnggroup/libpng#302 Crash in CLI package, not shipped in binary packages

sqlite3 3.46.1-7 (deb) pkg:deb/debian/sqlite3@3.46.1-7?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.46.1-7 Fixed version Not Fixed EPSS Score 0.21% EPSS Percentile 44th percentile Description A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. sqlite3 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005974) sqlite (unimportant) https://github.com/guyinatuxedo/sqlite3_record_leaking https://bugzilla.redhat.com/show_bug.cgi?id=2054793 https://sqlite.org/forum/forumpost/056d557c2f8c452ed5bb9c215414c802b215ce437be82be047726e521342161e Negligible security impact

glib2.0 2.84.3-1 (deb) pkg:deb/debian/glib2.0@2.84.3-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=2.84.3-1 Fixed version Not Fixed EPSS Score 0.49% EPSS Percentile 64th percentile Description GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application. glib2.0 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655044)

apt 3.0.3 (deb) pkg:deb/debian/apt@3.0.3?os_distro=trixie&os_name=debian&os_version=13 Affected range >=3.0.3 Fixed version Not Fixed EPSS Score 1.51% EPSS Percentile 80th percentile Description It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. apt (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480) Not exploitable in Debian, since no keyring URI is defined

pcre2 10.45-1 (deb) pkg:deb/debian/pcre2@10.45-1?os_distro=trixie&os_name=debian&os_version=13 Affected range >=10.45-1 Fixed version Not Fixed Description The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46. pcre2 10.46-1 [bookworm] - pcre2 (Vulnerable code not present) [bullseye] - pcre2 (Vulnerable code not present) Introduced with: PCRE2Project/pcre2@237899f (pcre2-10.45-RC1) Fixed by: PCRE2Project/pcre2@a141712 (pcre2-10.46)

shadow 1:4.17.4-2 (deb) pkg:deb/debian/shadow@1:4.17.4-2?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1:4.17.4-2 Fixed version Not Fixed EPSS Score 0.33% EPSS Percentile 55th percentile Description initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers. shadow (unimportant) See #290803, on Debian LOG_UNKFAIL_ENAB in login.defs is set to no so unknown usernames are not recorded on login failures

xdg-utils 1.2.1-2 (deb) pkg:deb/debian/xdg-utils@1.2.1-2?os_distro=trixie&os_name=debian&os_version=13 Affected range >=1.2.1-2 Fixed version Not Fixed EPSS Score 0.01% EPSS Percentile 2nd percentile Description xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie store, although this would add substantial complexity, and would not be considered a desirable or expected behavior by all users.) NOTE: this is disputed because integrations of xdg-open typically do not provide information about whether the xdg-open command and arguments were manually entered by a user, or whether they were the result of a navigation from content in an untrusted origin. xdg-utils (unimportant) https://www.openwall.com/lists/oss-security/2025/06/23/1 Hardening/security enhancement, not a security issue in xdg-utils

perl 5.40.1-6 (deb) pkg:deb/debian/perl@5.40.1-6?os_distro=trixie&os_name=debian&os_version=13 Affected range >=5.40.1-6 Fixed version Not Fixed EPSS Score 0.16% EPSS Percentile 37th percentile Description _is_safe in the File::Temp module for Perl does not properly handle symlinks. perl (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776268) http://thread.gmane.org/gmane.comp.security.oss.general/6174/focus=6177 File:Temp::_is_safe() allows unsafe traversal of symlinks [rt.cpan.org #69106] Perl-Toolchain-Gang/File-Temp#14

net-snmp 5.9.4+dfsg-2 (deb) pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2?os_distro=trixie&os_name=debian&os_version=13 Affected range >=5.9.4+dfsg-1 Fixed version Not Fixed Description net-snmp 5.9.4 contains a memory leak vulnerability in /net-snmp/apps/snmpvacm.c. REJECTED