Debian Libqb vulnerabilities
2 known vulnerabilities affecting debian/libqb.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1LOW1
Vulnerabilities
Page 1 of 1
CVE-2023-39976CRITICALCVSS 9.8fixed in libqb 2.0.8-1 (forky)2023
CVE-2023-39976 [CRITICAL] CVE-2023-39976: libqb - log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messa...
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 2.0.8-1)
sid: resolved (fixed in 2.0.8-1)
trixie: resolved (fixed in 2.0.8-1)
debian
CVE-2019-12779LOWCVSS 7.1fixed in libqb 1.0.4-1 (bookworm)2019
CVE-2019-12779 [HIGH] CVE-2019-12779: libqb - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink...
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
Scope: local
bookworm: resolved (fixed in 1.0.4-1)
bullseye: resolved (fixed in 1.0.4-1)
forky: resolved (fixed in 1.0.4-1)
sid: resolved (fixed in 1.0.4-1)
trixie: resolved (fixed in 1.0.4-1)
debian