pkg:Debian/dpkg
27 total CVEsCRITICAL4HIGH2
✅ Check your installed version
All known vulnerabilities
- from 0, < 1.20.10
- from 0, < 1.19.8
- from 0, < 1.18.26
- CRITICAL9.8CVE-2017-8283dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indent…from 0, < 1.18.24
- HIGH8.2CVE-2025-6297It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary director…from 0
- HIGH7.5CVE-2026-2219It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data…from 0, < 1.21.23
- from 0, < 1.18.4
- from 0, < 1.16.17
- from 0, < 1.15.12
- from 0, < 1.17.25
- from 0, < 1.16.16
- —CVE-2014-8625Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to caus…from 0, < 1.17.22
- —CVE-2014-3865Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intende…from 0, < 1.17.10
- from 0, < 1.17.10
- from 0, < 1.15.11
- —CVE-2014-3227dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded…from 0, < 1.17.9
- from 0, < 1.15.10
- from 0, < 1.17.9
- from 0, < 1.17.8
- from 0, < 1.15.9
- —CVE-2011-0402dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspe…from 0, < 1.15.8.8
- from 0, < 1.14.31
- from 0, < 1.15.8.8
- —CVE-2004-2768dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local use…from 0, < 1.10.19
- from 0, < 1.14.29
- from 0, < 1.15.6
- from 0, < 1.13.11