Vulnerable source packages in the stable suite

Package	Bug	Urgency	Remote
amd64-microcode (non-free-firmware)	CVE-2024-36350	not yet assigned	no
	CVE-2024-36357	not yet assigned	no
civetweb	CVE-2025-9648	not yet assigned	no
cpp-httplib	CVE-2025-46728	not yet assigned	no
	CVE-2025-53628	not yet assigned	no
	CVE-2025-53629	not yet assigned	no
dnsdist	CVE-2025-30187	not yet assigned	no
expat	CVE-2025-59375	not yet assigned	no
ghostscript	CVE-2025-59798	not yet assigned	no
	CVE-2025-59799	not yet assigned	no
golang-go.crypto	CVE-2024-45337	not yet assigned	no
	CVE-2025-22869	not yet assigned	no
incus	CVE-2025-54286	not yet assigned	no
	CVE-2025-54287	not yet assigned	no
	CVE-2025-54288	not yet assigned	no
	CVE-2025-54289	not yet assigned	no
	CVE-2025-54290	not yet assigned	no
	CVE-2025-54291	not yet assigned	no
	CVE-2025-54292	not yet assigned	no
	CVE-2025-54293	not yet assigned	no
intel-microcode (non-free-firmware)	CVE-2025-20053	not yet assigned	no
	CVE-2025-20109	not yet assigned	no
	CVE-2025-21090	not yet assigned	no
	CVE-2025-22839	not yet assigned	no
	CVE-2025-22840	not yet assigned	no
	CVE-2025-22889	not yet assigned	no
	CVE-2025-24305	not yet assigned	no
	CVE-2025-26403	not yet assigned	no
	CVE-2025-32086	not yet assigned	no
jackson-core	CVE-2025-52999	not yet assigned	no
libspf2	CVE-2023-42118	not yet assigned	no
linux	CVE-2013-7445	not yet assigned	no
	CVE-2018-12928	low	no
	CVE-2019-15213	not yet assigned	no
	CVE-2019-16089	not yet assigned	no
	CVE-2019-19449	not yet assigned	no
	CVE-2019-19814	not yet assigned	no
	CVE-2019-20794	not yet assigned	no
	CVE-2020-14304	not yet assigned	no
	CVE-2020-36694	not yet assigned	no
	CVE-2021-3847	not yet assigned	no
	CVE-2021-3864	not yet assigned	no
	CVE-2021-47658	not yet assigned	no
	CVE-2023-3397	not yet assigned	no
	CVE-2023-4010	not yet assigned	no
	CVE-2023-6238	not yet assigned	no
	CVE-2023-6240	not yet assigned	no
	CVE-2023-31082	not yet assigned	no
	CVE-2023-37454	not yet assigned	no
	CVE-2024-2193	not yet assigned	no
	CVE-2024-21803	not yet assigned	no
	CVE-2024-24864	not yet assigned	no
	CVE-2024-25740	not yet assigned	no
	CVE-2024-52560	not yet assigned	no
	CVE-2024-56709	not yet assigned	no
	CVE-2024-57995	not yet assigned	no
	CVE-2024-58015	not yet assigned	no
	CVE-2024-58022	not yet assigned	no
	CVE-2024-58074	not yet assigned	no
	CVE-2024-58093	not yet assigned	no
	CVE-2024-58094	not yet assigned	no
	CVE-2024-58095	not yet assigned	no
	CVE-2024-58096	not yet assigned	no
	CVE-2024-58097	not yet assigned	no
	CVE-2025-21709	not yet assigned	no
	CVE-2025-21752	not yet assigned	no
	CVE-2025-21807	not yet assigned	no
	CVE-2025-21833	not yet assigned	no
	CVE-2025-21949	not yet assigned	no
	CVE-2025-22031	not yet assigned	no
	CVE-2025-22051	not yet assigned	no
	CVE-2025-22052	not yet assigned	no
	CVE-2025-22061	not yet assigned	no
	CVE-2025-22069	not yet assigned	no
	CVE-2025-22092	not yet assigned	no
	CVE-2025-22094	not yet assigned	no
	CVE-2025-22096	not yet assigned	no
	CVE-2025-22098	not yet assigned	no
	CVE-2025-22099	not yet assigned	no
	CVE-2025-22100	not yet assigned	no
	CVE-2025-22104	not yet assigned	no
	CVE-2025-22105	not yet assigned	no
	CVE-2025-22106	not yet assigned	no
	CVE-2025-22107	not yet assigned	no
	CVE-2025-22108	not yet assigned	no
	CVE-2025-22109	not yet assigned	no
	CVE-2025-22110	not yet assigned	no
	CVE-2025-22111	not yet assigned	no
	CVE-2025-22114	not yet assigned	no
	CVE-2025-22116	not yet assigned	no
	CVE-2025-22117	not yet assigned	no
	CVE-2025-22118	not yet assigned	no
	CVE-2025-22121	not yet assigned	no
	CVE-2025-22127	not yet assigned	no
	CVE-2025-23129	not yet assigned	no
	CVE-2025-23130	not yet assigned	no
	CVE-2025-23131	not yet assigned	no
	CVE-2025-23132	not yet assigned	no
	CVE-2025-23135	not yet assigned	no
	CVE-2025-37743	not yet assigned	no
	CVE-2025-37746	not yet assigned	no
	CVE-2025-37825	not yet assigned	no
	CVE-2025-37860	not yet assigned	no
	CVE-2025-37880	not yet assigned	no
	CVE-2025-37906	not yet assigned	no
	CVE-2025-37966	not yet assigned	no
	CVE-2025-38029	not yet assigned	no
	CVE-2025-38036	not yet assigned	no
	CVE-2025-38041	not yet assigned	no
	CVE-2025-38042	not yet assigned	no
	CVE-2025-38064	not yet assigned	no
	CVE-2025-38105	not yet assigned	no
	CVE-2025-38132	not yet assigned	no
	CVE-2025-38137	not yet assigned	no
	CVE-2025-38140	not yet assigned	no
	CVE-2025-38187	not yet assigned	no
	CVE-2025-38199	not yet assigned	no
	CVE-2025-38205	not yet assigned	no
	CVE-2025-38207	not yet assigned	no
	CVE-2025-38234	not yet assigned	no
	CVE-2025-38237	not yet assigned	no
	CVE-2025-38248	not yet assigned	no
	CVE-2025-38261	not yet assigned	no
	CVE-2025-38284	not yet assigned	no
	CVE-2025-38311	not yet assigned	no
	CVE-2025-38322	not yet assigned	no
	CVE-2025-38359	not yet assigned	no
	CVE-2025-38421	not yet assigned	no
	CVE-2025-38426	not yet assigned	no
	CVE-2025-38584	not yet assigned	no
	CVE-2025-38591	not yet assigned	no
	CVE-2025-38597	not yet assigned	no
	CVE-2025-38605	not yet assigned	no
	CVE-2025-38621	not yet assigned	no
	CVE-2025-38627	not yet assigned	no
	CVE-2025-38636	not yet assigned	no
	CVE-2025-38643	not yet assigned	no
	CVE-2025-38678	not yet assigned	no
	CVE-2025-39677	not yet assigned	no
	CVE-2025-39678	not yet assigned	no
	CVE-2025-39745	not yet assigned	no
	CVE-2025-39762	not yet assigned	no
	CVE-2025-39764	not yet assigned	no
	CVE-2025-39775	not yet assigned	no
	CVE-2025-39789	not yet assigned	no
	CVE-2025-39816	not yet assigned	no
	CVE-2025-39822	not yet assigned	no
	CVE-2025-39830	not yet assigned	no
	CVE-2025-39833	not yet assigned	no
	CVE-2025-39834	not yet assigned	no
	CVE-2025-39859	not yet assigned	no
	CVE-2025-39862	not yet assigned	no
	CVE-2025-39905	not yet assigned	no
	CVE-2025-39910	not yet assigned	no
	CVE-2025-39925	not yet assigned	no
	CVE-2025-39929	not yet assigned	no
	CVE-2025-39931	not yet assigned	no
	CVE-2025-39932	not yet assigned	no
	CVE-2025-39933	not yet assigned	no
	CVE-2025-39934	not yet assigned	no
	CVE-2025-39937	not yet assigned	no
	CVE-2025-39938	not yet assigned	no
	CVE-2025-39940	not yet assigned	no
	CVE-2025-39942	not yet assigned	no
	CVE-2025-39943	not yet assigned	no
	CVE-2025-39944	not yet assigned	no
	CVE-2025-39945	not yet assigned	no
	CVE-2025-39946	not yet assigned	no
	CVE-2025-39947	not yet assigned	no
	CVE-2025-39948	not yet assigned	no
	CVE-2025-39949	not yet assigned	no
	CVE-2025-39950	not yet assigned	no
	CVE-2025-39951	not yet assigned	no
	CVE-2025-39952	not yet assigned	no
	CVE-2025-39953	not yet assigned	no
	CVE-2025-40014	not yet assigned	no
	CVE-2025-40325	not yet assigned	no
lxd	CVE-2025-54286	not yet assigned	no
	CVE-2025-54287	not yet assigned	no
	CVE-2025-54288	not yet assigned	no
	CVE-2025-54289	not yet assigned	no
	CVE-2025-54290	not yet assigned	no
	CVE-2025-54291	not yet assigned	no
	CVE-2025-54292	not yet assigned	no
	CVE-2025-54293	not yet assigned	no
mediawiki	CVE-2025-11173	not yet assigned	?
	CVE-2025-11175	not yet assigned	?
	CVE-2025-61634	not yet assigned	?
	CVE-2025-61635	not yet assigned	?
	CVE-2025-61636	not yet assigned	?
	CVE-2025-61637	not yet assigned	?
	CVE-2025-61638	not yet assigned	?
	CVE-2025-61639	not yet assigned	?
	CVE-2025-61640	not yet assigned	?
	CVE-2025-61641	not yet assigned	?
	CVE-2025-61642	not yet assigned	?
	CVE-2025-61643	not yet assigned	?
	CVE-2025-61646	not yet assigned	?
	CVE-2025-61652	not yet assigned	?
	CVE-2025-61653	not yet assigned	?
	CVE-2025-61654	not yet assigned	?
	CVE-2025-61655	not yet assigned	?
	CVE-2025-61656	not yet assigned	?
	CVE-2025-61657	not yet assigned	?
netty	CVE-2025-55163	not yet assigned	no
	CVE-2025-58056	not yet assigned	no
	CVE-2025-58057	not yet assigned	no
openbabel	CVE-2025-10994	not yet assigned	no
	CVE-2025-10995	not yet assigned	no
	CVE-2025-10996	not yet assigned	no
	CVE-2025-10997	not yet assigned	no
	CVE-2025-10998	not yet assigned	no
	CVE-2025-10999	not yet assigned	no
	CVE-2025-11000	not yet assigned	no
python-authlib	CVE-2025-59420	not yet assigned	no
python-django	CVE-2025-57833	not yet assigned	no
	CVE-2025-59681	not yet assigned	no
	CVE-2025-59682	not yet assigned	no
python-internetarchive	CVE-2025-58438	not yet assigned	no
python-pip	CVE-2025-8869	not yet assigned	no
rails	CVE-2025-24293	not yet assigned	?
redis	CVE-2025-46817	not yet assigned	no
	CVE-2025-46818	not yet assigned	no
	CVE-2025-46819	not yet assigned	no
	CVE-2025-49844	not yet assigned	no
resteasy3.0	CVE-2020-25633	not yet assigned	no
	CVE-2023-0482	not yet assigned	no
rtpengine	CVE-2025-53399	not yet assigned	no
ruby-rack	CVE-2025-59830	not yet assigned	no
ruby3.3	CVE-2025-58767	not yet assigned	no
tiff	CVE-2025-9900	not yet assigned	no
tomcat10	CVE-2025-46701	not yet assigned	no
	CVE-2025-48976	not yet assigned	no
	CVE-2025-48988	not yet assigned	no
	CVE-2025-48989	not yet assigned	no
	CVE-2025-49125	not yet assigned	no
	CVE-2025-52520	not yet assigned	no
	CVE-2025-53506	not yet assigned	no
	CVE-2025-55668	not yet assigned	no
tomcat11	CVE-2025-46701	not yet assigned	no
	CVE-2025-48976	not yet assigned	no
	CVE-2025-48988	not yet assigned	no
	CVE-2025-48989	not yet assigned	no
	CVE-2025-49125	not yet assigned	no
	CVE-2025-52520	not yet assigned	no
	CVE-2025-53506	not yet assigned	no
	CVE-2025-55668	not yet assigned	no
valkey	CVE-2025-46817	not yet assigned	no
	CVE-2025-46818	not yet assigned	no
	CVE-2025-46819	not yet assigned	no
	CVE-2025-49844	not yet assigned	no
webkit2gtk	CVE-2025-43272	not yet assigned	no
	CVE-2025-43342	not yet assigned	no
	CVE-2025-43356	not yet assigned	no
	CVE-2025-43368	not yet assigned	no
wordpress	CVE-2025-54352	not yet assigned	no
	CVE-2025-58246	not yet assigned	no
	CVE-2025-58674	not yet assigned	no
wpewebkit	CVE-2025-43272	not yet assigned	no
	CVE-2025-43342	not yet assigned	no
	CVE-2025-43356	not yet assigned	no
	CVE-2025-43368	not yet assigned	no
xen	CVE-2024-28956	not yet assigned	no
	CVE-2024-36350	not yet assigned	no
	CVE-2024-36357	not yet assigned	no
	CVE-2025-27465	not yet assigned	no
	CVE-2025-27466	not yet assigned	no
	CVE-2025-58142	not yet assigned	no
	CVE-2025-58143	not yet assigned	no
	CVE-2025-58144	not yet assigned	no
	CVE-2025-58145	not yet assigned	no
zabbix	CVE-2025-27231	not yet assigned	no
	CVE-2025-27233	not yet assigned	no
	CVE-2025-27236	not yet assigned	no
	CVE-2025-27238	not yet assigned	no
	CVE-2025-49641	not yet assigned	no
zookeeper	CVE-2025-58457	not yet assigned	no

If a "*" is included in the urgency field, no DSA is planned for this vulnerability.

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.