SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gnome-remote-desktop (PTS)buster0.1.7-1vulnerable
bookworm, sid43.3-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs

The CVE is assigned based on the Ubuntu policy strongly discouraging open ports by
default ( and the fact that the user
service was enabled by default (and not automatically enabled anymore since 42.1.1-2)
Not treated as a security issue in Debian, whether to start the daemon or not is ultimately
up to the local admin

Search for package or bug name: Reporting problems