krb5 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the krb5 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Reversible One-Way Hash	<1.18.3-6+deb11u7
L CVE-2025-24528	<1.18.3-6+deb11u6
H CVE-2024-37370	<1.18.3-6+deb11u5
C CVE-2024-37371	<1.18.3-6+deb11u5
L Memory Leak	*
L CVE-2024-26461	*
M Access of Uninitialized Pointer	<1.18.3-6+deb11u4
H Integer Overflow or Wraparound	<1.18.3-6+deb11u3
M NULL Pointer Dereference	<1.18.3-6+deb11u1
H NULL Pointer Dereference	<1.18.3-6
H Uncontrolled Recursion	<1.18.3-1
L Reachable Assertion	<1.16.2-1
M NULL Pointer Dereference	<1.16.1-1
L LDAP Injection	<1.16.1-1
L Integer Overflow or Wraparound	*
M NULL Pointer Dereference	<1.16.1-1
L Out-of-Bounds	<1.15.2-2
L Double Free	<1.15.2-1
M Reachable Assertion	<1.15.1-2
M NULL Pointer Dereference	<1.14.3+dfsg-1
M CVE-2016-3119	<1.14.2+dfsg-1
H CVE-2015-8630	<1.13.2+dfsg-5
M Missing Release of Resource after Effective Lifetime	<1.13.2+dfsg-5
M Out-of-bounds Read	<1.13.2+dfsg-5
H Out-of-Bounds	<1.13.2+dfsg-4
M Release of Invalid Pointer or Reference	<1.13.2+dfsg-3
M Source Code	<1.13.2+dfsg-3
M Out-of-bounds Read	<1.13.2+dfsg-3
M Access Restriction Bypass	<1.12.1+dfsg-20
M CVE-2014-5355	<1.12.1+dfsg-18
M Improper Access Control	<1.12.1+dfsg-17
M Information Exposure	<1.12.1+dfsg-17
H CVE-2014-9421	<1.12.1+dfsg-17
H CVE-2014-5352	<1.12.1+dfsg-17
L NULL Pointer Dereference	<1.12.1+dfsg-16
L CVE-2014-5354	<1.12.1+dfsg-16
L Credentials Management	<1.12.1+dfsg-10
H Double Free	<1.12.1+dfsg-5
H Numeric Errors	<1.12.1+dfsg-7
H NULL Pointer Dereference	<1.12.1+dfsg-5
M Out-of-bounds Read	<1.12.1+dfsg-4
M Out-of-Bounds	<1.12.1+dfsg-4
L Improper Input Validation	<1.11.3+dfsg-3+nmu1
L NULL Pointer Dereference	<1.11.3+dfsg-3+nmu1
M Improper Input Validation	<1.10.1+dfsg-6
L NULL Pointer Dereference	<1.10.1+dfsg-5
L NULL Pointer Dereference	<1.10.1+dfsg-4
M NULL Pointer Dereference	<1.10.1+dfsg-4+nmu1
H CVE-2012-1014	<1.10.1+dfsg-2
H Improper Input Validation	<1.10.1+dfsg-2
L CVE-2012-1013	<1.10.1+dfsg-3
M Access Restriction Bypass	<1.10.1+dfsg-1
H Buffer Overflow	<1.8+dfsg~aa+r23527-1
M Resource Management Errors	<1.10+dfsg~alpha1-7
L Improper Input Validation	<1.10+dfsg~alpha1-1
L Improper Input Validation	<1.10+dfsg~alpha1-1
L Improper Input Validation	<1.10+dfsg~alpha1-1
L Improper Input Validation	<1.10+dfsg~alpha1-1
C Improper Input Validation	<1.9.1+dfsg-1
L Resource Management Errors	<1.8.3+dfsg-6
M Cryptographic Issues	<1.8.3+dfsg-5
M CVE-2011-0282	<1.8.3+dfsg-5
L Improper Input Validation	<1.8.3+dfsg-5
L Cryptographic Issues	<1.8.3+dfsg-3
L Cryptographic Issues	<1.8.3+dfsg-3
L Access Restriction Bypass	<1.8+dfsg~alpha1-1
M Cryptographic Issues	<1.8.3+dfsg-3
M Improper Input Validation	<1.8.3+dfsg-2
L NULL Pointer Dereference	<1.8.1+dfsg-3
M Resource Management Errors	<1.8.1+dfsg-2
L Resource Management Errors	<1.7+dfsg-1
M CVE-2010-0628	<1.8+dfsg-1.1
H Improper Input Validation	<1.8+dfsg~alpha1-7
C Numeric Errors	<1.8+dfsg~alpha1-1
M CVE-2009-3295	<1.7+dfsg-4
C Improper Input Validation	<1.6.dfsg.4~beta1-13
M Numeric Errors	<1.6.dfsg.4~beta1-13
M Out-of-Bounds	<1.6.dfsg.4~beta1-13
M Improper Input Validation	<1.6.dfsg.4~beta1-13
H Numeric Errors	<1.6.dfsg.3~beta1-4
M Out-of-Bounds	<1.6.dfsg.3~beta1-4
M Out-of-Bounds	<1.6.dfsg.3~beta1-4
L Out-of-Bounds	<1.3-1
L Numeric Errors	<1.6.dfsg.4~beta1-1
L Out-of-Bounds	<1.6.dfsg.4~beta1-1
L Resource Management Errors	<1.6.dfsg.4~beta1-1
L CVE-2007-5894	<1.6.dfsg.4~beta1-1
L Resource Management Errors	<1.6.dfsg.4~beta1-1
H Out-of-Bounds	<1.6.dfsg.1-7
H Access Restriction Bypass	<1.6.dfsg.1-7
H Out-of-Bounds	<1.6.dfsg.1-7
H CVE-2007-2442	<1.6.dfsg.1-5
M CVE-2007-2443	<1.6.dfsg.1-5
H Out-of-bounds Write	<1.6.dfsg.1-5
H Out-of-bounds Write	<1.4.4-8
H Missing Authentication for Critical Function	<1.4.4-8
H Double Free	<1.4.4-8
H CVE-2006-6143	<1.4.4-6
M Access Restriction Bypass	<1.4.3-9
M Resource Management Errors	<1.4.3-9
M Out-of-Bounds	<1.3.6-4
M CVE-2005-1174	<1.3.6-4
M CVE-2005-1175	<1.3.6-4
L CVE-2005-0488	<1.8.3+dfsg-4
H CVE-2005-0469	<1.3.6-2
H CVE-2005-0468	<1.3.6-2
L CVE-2004-0971	<1.13.2+dfsg-2
H Out-of-bounds Write	<1.3.6-1
C Out-of-Bounds	<1.3.4-3
H Double Free	<1.3.4-3
M CVE-2004-0644	<1.3.4-3
M Double Free	<1.3.4-3
C CVE-2004-0523	<1.3.3-2
M CVE-2003-0082	<1.3.3-2
M CVE-2003-0072	<1.2.7-3
H CVE-2003-0028	<1.3.3-2
H CVE-2003-0138	<1.2.7-3
H CVE-2003-0139	<1.2.7-3
H CVE-2003-0060	<1.2.4
H CVE-2003-0059	<1.2.5-1
M CVE-2003-0058	<1.2.5-1
C CVE-2002-1235	<1.2.6-2
C CVE-2002-0391	<1.2.5-2

Vulnerability

Vulnerable Version

Reversible One-Way Hash

<1.18.3-6+deb11u7