There are 3 open security issues in bullseye.
3 issues left for the package maintainer to handle:
- CVE-2017-7938:
(needs triaging)
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files.
- CVE-2020-14931:
(needs triaging)
A stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) 1.3a might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by nic_format_buff.
- CVE-2024-31837:
(needs triaging)
DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability, with a threat model similar to CVE-2017-7938.
You can find information about how to handle these issues in the security team's documentation.