| Release | Version |
|---|---|
| jessie | 1.0.24-8+deb8u3 |
| stretch | 1.0.25-4.1+deb9u2 |
| buster | 1.0.27-3.2 |
| bullseye | 1.0.31-4.1 |
| bookworm | 1.2.1-2 |
| trixie | 1.3.0-1 |
| sid | 1.3.0-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-12867 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A NULL pointer dereference in sanei_epson_net_read in SANE Backends be ... |
| CVE-2020-12866 | fixed | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A NULL pointer dereference in SANE Backends before 1.0.30 allows a mal ... |
| CVE-2020-12865 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A heap buffer overflow in SANE Backends before 1.0.30 may allow a mali ... |
| CVE-2020-12864 | fixed | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ... |
| CVE-2020-12863 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ... |
| CVE-2020-12862 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ... |
| CVE-2020-12861 | fixed | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A heap buffer overflow in SANE Backends before 1.0.30 allows a malicio ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46052 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c ... |
| CVE-2023-46047 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | An issue in Sane 1.2.1 allows a local attacker to execute arbitrary co ... |
| Bug | Description |
|---|---|
| CVE-2017-6318 | saned in sane-backends 1.0.25 allows remote attackers to obtain sensit ... |
| CVE-2003-0778 | saned in sane-backends 1.0.7 and earlier, and possibly later versions, ... |
| CVE-2003-0777 | saned in sane-backends 1.0.7 and earlier, when debug messages are enab ... |
| CVE-2003-0776 | saned in sane-backends 1.0.7 and earlier does not properly "check the ... |
| CVE-2003-0775 | saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrar ... |
| CVE-2003-0774 | saned in sane-backends 1.0.7 and earlier does not quickly handle conne ... |
| CVE-2003-0773 | saned in sane-backends 1.0.7 and earlier does not check the IP address ... |
| DSA / DLA | Description |
|---|---|
| DLA-2332-2 | sane-backends - regression update |
| DLA-2332-1 | sane-backends - security update |
| DLA-2231-1 | sane-backends - security update |
| DLA-940-1 | sane-backends - security update |
| DSA-379 | sane-backends - several vulnerabilities |