Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ansibleCVE-2018-16837not yet assignedno
antCVE-2018-10886not yet assignedno
TEMP-0904191-9063D5not yet assigned?
asciidoctorCVE-2018-18385lowno
botanCVE-2018-12435low**no
CVE-2018-9860medium**yes
glusterfsCVE-2018-14651not yet assignedno
CVE-2018-14652not yet assignedno
CVE-2018-14653not yet assignedno
CVE-2018-14654not yet assignedno
CVE-2018-14659not yet assignedno
CVE-2018-14660not yet assignedno
CVE-2018-14661not yet assignedno
golang-golang-x-net-devCVE-2018-17846not yet assignedno
CVE-2018-17847not yet assignedno
CVE-2018-17848not yet assignedno
h2oCVE-2018-0608high**yes
htslibCVE-2018-13843lowyes
CVE-2018-13844lowyes
CVE-2018-13845lowyes
jetty9CVE-2017-7656lowyes
CVE-2017-7657lowyes
CVE-2017-7658lowyes
CVE-2018-12536lowyes
jrubyCVE-2018-1000073medium**yes
CVE-2018-1000074medium**yes
CVE-2018-1000075medium**yes
CVE-2018-1000076high**yes
CVE-2018-1000077medium**yes
CVE-2018-1000078medium**yes
CVE-2018-1000079medium**yes
knot-resolverCVE-2018-10920medium**yes
libsshCVE-2018-10933medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-10723medium**no
CVE-2016-8660lowno
CVE-2017-0630low**yes
CVE-2017-1000379high**no
CVE-2018-1000026medium**yes
CVE-2018-1128medium**yes
CVE-2018-1129low**yes
CVE-2018-12896low**no
CVE-2018-12928lowno
CVE-2018-12929medium**no
CVE-2018-12930high**no
CVE-2018-12931high**no
CVE-2018-13053medium**no
CVE-2018-13096medium**yes
CVE-2018-13097medium**yes
CVE-2018-13098medium**yes
CVE-2018-13099medium**yes
CVE-2018-13100medium**yes
CVE-2018-14609high**yes
CVE-2018-14610high**yes
CVE-2018-14611high**yes
CVE-2018-14612high**yes
CVE-2018-14613high**yes
CVE-2018-14614high**yes
CVE-2018-14615high**yes
CVE-2018-14616high**yes
CVE-2018-14617high**yes
CVE-2018-14625not yet assignedno
CVE-2018-14633high**yes
CVE-2018-15471medium**no
CVE-2018-17182not yet assignedno
CVE-2018-17972not yet assignedno
CVE-2018-18021not yet assignedno
CVE-2018-18281not yet assignedno
CVE-2018-18445not yet assignedno
CVE-2018-18559not yet assignedno
CVE-2018-18710not yet assignedno
CVE-2018-18955not yet assigned?
CVE-2018-3693medium**no
CVE-2018-7755low**no
linux-grsecCVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
modsecurity-crsCVE-2018-16384lowyes
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5753medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5754medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6253medium**no
openjdk-11CVE-2018-12438lowno
CVE-2018-3136low**yes
CVE-2018-3139low**yes
CVE-2018-3149medium**yes
CVE-2018-3150medium**yes
CVE-2018-3157medium**yes
CVE-2018-3169medium**yes
CVE-2018-3180medium**yes
otrs2 (non-free)CVE-2018-19142not yet assignedno
otrs2 (non-free)CVE-2018-19143not yet assignedno
password-storeCVE-2018-12356high**yes
phpldapadminCVE-2017-11107medium**yes
pycryptodomeCVE-2018-6594medium**yes
python-djangoCVE-2018-14574medium**yes
python-pysaml2CVE-2016-10127lowyes
CVE-2017-1000433medium**yes
qpdfCVE-2018-18020not yet assignedno
CVE-2018-9918medium**yes
ruby-grapeCVE-2018-3769medium**yes
ruby-loofahCVE-2018-16468not yet assignedno
ruby-net-ldapCVE-2017-17718medium**yes
ruby-rackCVE-2018-16471not yet assignedno
ruby-sanitizeCVE-2018-3740medium**yes
suricataCVE-2018-14568medium**yes
CVE-2018-18956not yet assignedno
systemdCVE-2018-15686not yet assignedno
telegram-desktopCVE-2018-17613not yet assignedno
CVE-2018-17780not yet assignedno
virtualbox (contrib)CVE-2018-2909medium**no
virtualbox (contrib)CVE-2018-3287medium**no
virtualbox (contrib)CVE-2018-3288medium**no
virtualbox (contrib)CVE-2018-3289medium**no
virtualbox (contrib)CVE-2018-3290medium**no
virtualbox (contrib)CVE-2018-3291medium**no
virtualbox (contrib)CVE-2018-3292medium**no
virtualbox (contrib)CVE-2018-3293medium**no
virtualbox (contrib)CVE-2018-3294medium**yes
virtualbox (contrib)CVE-2018-3295medium**no
virtualbox (contrib)CVE-2018-3296medium**no
virtualbox (contrib)CVE-2018-3297medium**no
virtualbox (contrib)CVE-2018-3298medium**no
virtualbox (contrib)TEMP-0913137-22A98Cnot yet assigned?
wesnoth-1.14CVE-2018-1999023medium**yes
wineCVE-2018-12932lowyes
CVE-2018-12933lowyes
zabbixCVE-2017-2826lowyes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems