Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ckermitCVE-2025-68920not yet assignedno
curlCVE-2025-11563not yet assigned?
CVE-2025-13034not yet assigned?
CVE-2025-14524not yet assigned?
CVE-2025-14819not yet assigned?
devscriptsCVE-2025-8454not yet assignedno
fort-validatorCVE-2024-56169not yet assignedno
CVE-2024-56170not yet assignedno
linuxCVE-2013-7445not yet assignedno
CVE-2018-12928lowno
CVE-2019-15213not yet assignedno
CVE-2019-16089not yet assignedno
CVE-2019-19449not yet assignedno
CVE-2019-19814not yet assignedno
CVE-2019-20794not yet assignedno
CVE-2020-14304not yet assignedno
CVE-2020-36694not yet assignedno
CVE-2021-3847not yet assignedno
CVE-2021-3864not yet assignedno
CVE-2023-3397not yet assignedno
CVE-2023-4010not yet assignedno
CVE-2023-6238not yet assignedno
CVE-2023-6240not yet assignedno
CVE-2023-31082not yet assignedno
CVE-2023-37454not yet assignedno
CVE-2024-2193not yet assignedno
CVE-2024-21803not yet assignedno
CVE-2024-24864not yet assignedno
CVE-2024-56709not yet assignedno
CVE-2025-68351not yet assignedno
CVE-2025-68353not yet assignedno
CVE-2025-68357not yet assignedno
CVE-2025-68365not yet assignedno
CVE-2025-68368not yet assignedno
CVE-2025-68725not yet assignedno
CVE-2025-68736not yet assignedno
CVE-2025-68745not yet assignedno
nvidia-graphics-drivers (non-free-firmware)CVE-2025-23279not yet assignedno
CVE-2025-23280not yet assignedno
CVE-2025-23282not yet assignedno
CVE-2025-23286not yet assignedno
CVE-2025-23300not yet assignedno
CVE-2025-23330not yet assignedno
CVE-2025-23332not yet assignedno
CVE-2025-23345not yet assignedno
nvidia-open-gpu-kernel-modules (contrib)CVE-2025-23279not yet assignedno
CVE-2025-23280not yet assignedno
CVE-2025-23282not yet assignedno
CVE-2025-23286not yet assignedno
CVE-2025-23300not yet assignedno
CVE-2025-23330not yet assignedno
CVE-2025-23332not yet assignedno
CVE-2025-23345not yet assignedno

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.

Search for package or bug name: Reporting problems