Vulnerabilities > Debian > Dpkg > 1.17.24
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-26 | CVE-2022-1664 | Path Traversal vulnerability in multiple products Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. | 9.8 |
| 2015-12-03 | CVE-2015-0860 | Numeric Errors vulnerability in multiple products Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow. | 7.5 |
| 2015-04-13 | CVE-2015-0840 | Improper Access Control vulnerability in multiple products The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). | 4.3 |