Candidates for DTSAs

The table below lists packages which are fixed in unstable, but unfixed in testing. Use the testing migration checker to find out why they have not entered testing yet.

List of vulnerable packages in testing

Package	Migration	Bug	Urgency	Remote
dropbear	check	CVE-2025-47203	not yet assigned	no
edk2	check	CVE-2024-38797	not yet assigned	no
erlang	check	CVE-2025-46712	not yet assigned	no
finit	check	CVE-2025-32022	not yet assigned	no
flask	check	CVE-2025-47278	not yet assigned	no
gimp	check	TEMP-1105005-BC2070	not yet assigned	?
glib2.0	check	CVE-2025-4373	not yet assigned	no
imagemagick	check	CVE-2025-43965	not yet assigned	no
		CVE-2025-46393	not yet assigned	no
intel-microcode (non-free-firmware)	check	CVE-2024-28956	not yet assigned	no
		CVE-2024-43420	not yet assigned	no
		CVE-2024-45332	not yet assigned	no
		CVE-2025-20012	not yet assigned	no
		CVE-2025-20054	not yet assigned	no
		CVE-2025-20103	not yet assigned	no
		CVE-2025-20623	not yet assigned	no
		CVE-2025-24495	not yet assigned	no
libcrypt-openssl-rsa-perl	check	CVE-2024-2467	not yet assigned	no
linux	check	CVE-2024-28956	not yet assigned	no
		CVE-2025-37821	not yet assigned	no
		CVE-2025-37890	not yet assigned	no
		CVE-2025-37891	not yet assigned	no
		CVE-2025-37894	not yet assigned	no
		CVE-2025-37895	not yet assigned	no
		CVE-2025-37897	not yet assigned	no
		CVE-2025-37899	not yet assigned	no
		CVE-2025-37900	not yet assigned	no
		CVE-2025-37901	not yet assigned	no
		CVE-2025-37902	not yet assigned	no
		CVE-2025-37903	not yet assigned	no
		CVE-2025-37905	not yet assigned	no
		CVE-2025-37907	not yet assigned	no
		CVE-2025-37908	not yet assigned	no
		CVE-2025-37909	not yet assigned	no
		CVE-2025-37910	not yet assigned	no
		CVE-2025-37911	not yet assigned	no
		CVE-2025-37912	not yet assigned	no
		CVE-2025-37913	not yet assigned	no
		CVE-2025-37914	not yet assigned	no
		CVE-2025-37915	not yet assigned	no
		CVE-2025-37916	not yet assigned	no
		CVE-2025-37917	not yet assigned	no
		CVE-2025-37918	not yet assigned	no
		CVE-2025-37919	not yet assigned	no
		CVE-2025-37920	not yet assigned	no
		CVE-2025-37921	not yet assigned	no
		CVE-2025-37922	not yet assigned	no
		CVE-2025-37923	not yet assigned	no
		CVE-2025-37924	not yet assigned	no
		CVE-2025-37926	not yet assigned	no
		CVE-2025-37927	not yet assigned	no
		CVE-2025-37928	not yet assigned	no
		CVE-2025-37929	not yet assigned	no
		CVE-2025-37930	not yet assigned	no
		CVE-2025-37931	not yet assigned	no
		CVE-2025-37932	not yet assigned	no
		CVE-2025-37933	not yet assigned	no
		CVE-2025-37934	not yet assigned	no
		CVE-2025-37935	not yet assigned	no
		CVE-2025-37936	not yet assigned	no
		CVE-2025-37946	not yet assigned	no
		CVE-2025-37947	not yet assigned	no
		CVE-2025-37948	not yet assigned	no
		CVE-2025-37949	not yet assigned	no
		CVE-2025-37951	not yet assigned	no
		CVE-2025-37952	not yet assigned	no
		CVE-2025-37953	not yet assigned	no
		CVE-2025-37954	not yet assigned	no
		CVE-2025-37955	not yet assigned	no
		CVE-2025-37956	not yet assigned	no
		CVE-2025-37957	not yet assigned	no
		CVE-2025-37958	not yet assigned	no
		CVE-2025-37959	not yet assigned	no
		CVE-2025-37960	not yet assigned	no
		CVE-2025-37961	not yet assigned	no
		CVE-2025-37962	not yet assigned	no
		CVE-2025-37963	not yet assigned	no
		CVE-2025-37964	not yet assigned	no
		CVE-2025-37965	not yet assigned	no
		CVE-2025-37969	not yet assigned	no
		CVE-2025-37970	not yet assigned	no
		CVE-2025-37971	not yet assigned	no
		CVE-2025-37972	not yet assigned	no
		CVE-2025-37973	not yet assigned	no
		CVE-2025-37974	not yet assigned	no
		CVE-2025-37990	not yet assigned	no
		CVE-2025-37991	not yet assigned	no
nodejs	check	CVE-2025-23165	not yet assigned	no
		CVE-2025-23166	not yet assigned	no
nvidia-graphics-drivers-tesla-535 (non-free-firmware)	check	CVE-2024-0131	not yet assigned	no
		CVE-2024-0147	not yet assigned	no
		CVE-2024-0150	not yet assigned	no
		CVE-2024-53869	not yet assigned	no
		CVE-2025-23244	not yet assigned	no
open-vm-tools	check	CVE-2025-22247	not yet assigned	no
pgpool2	check	CVE-2025-46801	not yet assigned	no
python-django	check	CVE-2025-32873	not yet assigned	no
python-flask-cors	check	CVE-2024-6839	not yet assigned	no
		CVE-2024-6844	not yet assigned	no
		CVE-2024-6866	not yet assigned	no
python-tornado	check	CVE-2025-47287	not yet assigned	no
quickjs	check	CVE-2025-46687	not yet assigned	no
		CVE-2025-46688	not yet assigned	no
redis	check	CVE-2025-21605	not yet assigned	no
rust-sudo-rs	check	CVE-2025-46717	not yet assigned	no
		CVE-2025-46718	not yet assigned	no
slurm-wlm	check	CVE-2025-4390	not yet assigned	?
syslog-ng	check	CVE-2024-47619	not yet assigned	no
thunderbird	check	CVE-2025-3875	not yet assigned	no	(fixed in stable?)
		CVE-2025-3877	not yet assigned	no	(fixed in stable?)
		CVE-2025-3909	not yet assigned	no	(fixed in stable?)
		CVE-2025-3932	not yet assigned	no	(fixed in stable?)
varnish	check	CVE-2025-47905	not yet assigned	no
webkit2gtk	check	CVE-2025-24223	not yet assigned	no
		CVE-2025-31204	not yet assigned	no
		CVE-2025-31205	not yet assigned	no
		CVE-2025-31206	not yet assigned	no
		CVE-2025-31215	not yet assigned	no
		CVE-2025-31257	not yet assigned	no
webpy	check	CVE-2025-3818	not yet assigned	no
weechat	check	TEMP-1104554-71A417	not yet assigned	?
		TEMP-1104554-9D6627	not yet assigned	?
		TEMP-1104554-A4A19A	not yet assigned	?
		TEMP-1104554-B16504	not yet assigned	?
		TEMP-1104554-D19F68	not yet assigned	?
		TEMP-1104554-D6608C	not yet assigned	?
		TEMP-1104554-F3166C	not yet assigned	?
wpewebkit	check	CVE-2025-24223	not yet assigned	no
		CVE-2025-31204	not yet assigned	no
		CVE-2025-31205	not yet assigned	no
		CVE-2025-31206	not yet assigned	no
		CVE-2025-31215	not yet assigned	no
		CVE-2025-31257	not yet assigned	no