Debian Libimobiledevice vulnerabilities

2 known vulnerabilities affecting debian/libimobiledevice.

Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1LOW1

Vulnerabilities

Page 1 of 1
CVE-2016-5104MEDIUMCVSS 5.3fixed in libimobiledevice 1.2.0+dfsg-3 (bookworm)2016
CVE-2016-5104 [MEDIUM] CVE-2016-5104: libimobiledevice - The socket_create function in common/socket.c in libimobiledevice and libusbmuxd... The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket. Scope: local bookworm: resolved (fixed in 1.2.0+dfsg-3) bullseye: resolved (fixed in 1.2.0+dfsg-3) forky: resolved (fixed in 1.2.0+df
debian
CVE-2013-2142LOWCVSS 3.3fixed in libimobiledevice 1.1.5-0.1 (bookworm)2013
CVE-2013-2142 [LOW] CVE-2013-2142: libimobiledevice - userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not se... userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/. Scope: local bookworm: resolved (fixed in 1
debian