tldr/pages/linux/debsecan.md

# debsecan

> Debian Security Analyzer, a tool to list vulnerabilities on a particular Debian installation.
> More information: <https://manned.org/debsecan>.

- List vulnerable installed packages on the current host:

`debsecan`

- List vulnerable installed packages of a specific suite:

`debsecan --suite {{release_code_name}}`

- List only fixed vulnerabilities:

`debsecan --suite {{release_code_name}} --only-fixed`

- List only fixed vulnerabilities of unstable ("sid") and mail to root:

`debsecan --suite {{sid}} --only-fixed --format {{report}} --mailto {{root}} --update-history`

- Upgrade vulnerable installed packages:

`sudo apt upgrade $(debsecan --only-fixed --format {{packages}})`
debsecan: add page (#6567) 2021-09-25 06:04:40 +00:00			`# debsecan`

			`> Debian Security Analyzer, a tool to list vulnerabilities on a particular Debian installation.`
linux*: refresh old pages part 2 (#16263) Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> Co-authored-by: Machiavelli <145562237+MachiavelliII@users.noreply.github.com> 2025-04-27 10:35:40 +03:00			`> More information: <https://manned.org/debsecan>.`
debsecan: add page (#6567) 2021-09-25 06:04:40 +00:00
			`- List vulnerable installed packages on the current host:`

			`debsecan`

			`- List vulnerable installed packages of a specific suite:`

			`debsecan --suite {{release_code_name}}`

			`- List only fixed vulnerabilities:`

			`debsecan --suite {{release_code_name}} --only-fixed`

			`- List only fixed vulnerabilities of unstable ("sid") and mail to root:`

			`debsecan --suite {{sid}} --only-fixed --format {{report}} --mailto {{root}} --update-history`

			`- Upgrade vulnerable installed packages:`

			`sudo apt upgrade $(debsecan --only-fixed --format {{packages}})`