Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ansibleCVE-2018-16876medium**yes
CVE-2019-3828not yet assigned?
antCVE-2018-10886not yet assignedno
TEMP-0904191-9063D5not yet assigned?
asciidoctorCVE-2018-18385lowyes
botanCVE-2018-12435low**no
CVE-2018-20187medium**yes
CVE-2018-9860medium**yes
cactiCVE-2018-20723lowyes
CVE-2018-20724lowyes
CVE-2018-20725lowyes
CVE-2018-20726lowyes
gitlab (contrib)CVE-2018-20144not yet assigned?
CVE-2018-20229not yet assigned?
CVE-2018-20488not yet assigned?
CVE-2018-20489not yet assigned?
CVE-2018-20490not yet assigned?
CVE-2018-20491not yet assigned?
CVE-2018-20492not yet assigned?
CVE-2018-20493not yet assigned?
CVE-2018-20494not yet assigned?
CVE-2018-20495not yet assigned?
CVE-2018-20496not yet assigned?
CVE-2018-20497not yet assigned?
CVE-2018-20498not yet assigned?
CVE-2018-20499not yet assigned?
CVE-2018-20500not yet assigned?
CVE-2018-20501not yet assigned?
CVE-2018-20507not yet assigned?
CVE-2019-6240not yet assigned?
CVE-2019-6781not yet assigned?
CVE-2019-6782not yet assigned?
CVE-2019-6783not yet assigned?
CVE-2019-6784not yet assigned?
CVE-2019-6785not yet assigned?
CVE-2019-6786not yet assigned?
CVE-2019-6787not yet assigned?
CVE-2019-6788not yet assigned?
CVE-2019-6789not yet assigned?
CVE-2019-6790not yet assigned?
CVE-2019-6791not yet assigned?
CVE-2019-6792not yet assigned?
CVE-2019-6794not yet assigned?
CVE-2019-6795not yet assigned?
CVE-2019-6796not yet assigned?
CVE-2019-6960not yet assigned?
CVE-2019-6995not yet assigned?
CVE-2019-6997not yet assigned?
CVE-2019-7155not yet assigned?
CVE-2019-7176not yet assigned?
CVE-2019-9170not yet assigned?
CVE-2019-9171not yet assigned?
CVE-2019-9172not yet assigned?
CVE-2019-9174not yet assigned?
CVE-2019-9175not yet assigned?
CVE-2019-9176not yet assigned?
CVE-2019-9178not yet assigned?
CVE-2019-9179not yet assigned?
CVE-2019-9217not yet assigned?
CVE-2019-9219not yet assigned?
CVE-2019-9220not yet assigned?
CVE-2019-9221not yet assigned?
CVE-2019-9222not yet assigned?
CVE-2019-9223not yet assigned?
CVE-2019-9224not yet assigned?
CVE-2019-9225not yet assigned?
CVE-2019-9485not yet assigned?
CVE-2019-9866not yet assigned?
glusterfsCVE-2018-14651medium**yes
CVE-2018-14652medium**yes
CVE-2018-14653medium**yes
CVE-2018-14654high**yes
CVE-2018-14659medium**yes
CVE-2018-14660medium**yes
CVE-2018-14661medium**yes
golang-1.11CVE-2019-9741medium**yes
golang-golang-x-net-devCVE-2018-17846medium**yes
CVE-2018-17847lowyes
CVE-2018-17848lowyes
h2oCVE-2018-0608high**yes
htslibCVE-2018-13843lowyes
CVE-2018-13844lowyes
CVE-2018-13845lowyes
jrubyCVE-2018-1000073medium**yes
CVE-2018-1000074medium**yes
CVE-2018-1000075medium**yes
CVE-2018-1000076high**yes
CVE-2018-1000077medium**yes
CVE-2018-1000078medium**yes
CVE-2018-1000079medium**yes
libapache2-mod-auth-mellonCVE-2019-3877not yet assigned?
CVE-2019-3878not yet assigned?
libsshCVE-2018-10933medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-10723medium**no
CVE-2016-8660lowno
CVE-2017-0630low**yes
CVE-2017-1000379high**no
CVE-2018-12928lowno
CVE-2018-12929medium**no
CVE-2018-12930high**no
CVE-2018-12931high**no
CVE-2018-16880medium**no
CVE-2018-3693medium**no
CVE-2019-3459not yet assigned?
CVE-2019-3460not yet assigned?
CVE-2019-3819medium**no
CVE-2019-3874not yet assigned?
CVE-2019-5489low**no
CVE-2019-6974medium**yes
CVE-2019-7221not yet assignedno
CVE-2019-7222not yet assignedno
CVE-2019-7308high**yes
CVE-2019-8912high**no
CVE-2019-8956not yet assigned?
CVE-2019-8980high**yes
CVE-2019-9003high**yes
CVE-2019-9162medium**no
CVE-2019-9213medium**no
CVE-2019-9857not yet assignedno
linux-grsecCVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
modsecurity-crsCVE-2018-16384lowyes
mumbleCVE-2018-20743medium**yes
CVE-2019-1000029not yet assigned?
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
CVE-2017-6266medium**no
CVE-2017-6267medium**no
CVE-2017-6272high**no
CVE-2018-6249high**no
CVE-2018-6253medium**no
CVE-2018-6260low**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
CVE-2017-6267medium**no
CVE-2017-6272high**no
CVE-2018-6249high**no
CVE-2018-6253medium**no
CVE-2018-6260low**no
otrs2 (non-free)CVE-2018-19142low**yes
CVE-2018-19143medium**yes
CVE-2018-20800medium**yes
CVE-2019-9751low**yes
CVE-2019-9752medium**yes
password-storeCVE-2018-12356high**yes
phpldapadminCVE-2017-11107medium**yes
prometheusCVE-2019-3826not yet assigned?
pycryptodomeCVE-2018-6594medium**yes
python-gnupgCVE-2019-6690not yet assignedno
python-pysaml2CVE-2016-10127lowyes
python-urllib3CVE-2019-9740medium**yes
qpdfCVE-2018-18020medium**yes
CVE-2018-9918medium**yes
r-cran-igraphCVE-2018-20349medium**yes
r-other-x4rCVE-2017-9765medium**yes
CVE-2019-7659medium**yes
rabbitmq-serverCVE-2018-1279low**yes
railsCVE-2018-16476medium**yes
CVE-2018-16477medium**yes
CVE-2019-5418not yet assigned?
CVE-2019-5419not yet assigned?
CVE-2019-5420not yet assigned?
ruby-doorkeeper-openid-connectCVE-2019-9837not yet assignedno
ruby-loofahCVE-2018-16468low**yes
ruby-rackCVE-2018-16471medium**yes
seafileCVE-2013-7469medium**yes
sqlalchemyCVE-2019-7164high**yes
CVE-2019-7548medium**yes
sqlite3CVE-2019-9936lowno
CVE-2019-9937lowno
svgppCVE-2019-6246high**yes
sysstatCVE-2018-19416lowyes
CVE-2018-19517lowyes
telegram-desktopCVE-2018-17780medium**yes
torCVE-2019-8955medium**yes
trafficserverCVE-2018-11783medium**yes
xmltoolingCVE-2019-9628not yet assigned?
zabbixCVE-2017-2826lowyes
zncCVE-2019-9917not yet assigned?
zoneminderCVE-2018-1000832high**yes
CVE-2018-1000833high**yes
CVE-2019-6777medium**yes
CVE-2019-6990low**yes
CVE-2019-6991high**yes
CVE-2019-6992medium**yes
CVE-2019-7325medium**yes
CVE-2019-7326medium**yes
CVE-2019-7327medium**yes
CVE-2019-7328medium**yes
CVE-2019-7329medium**yes
CVE-2019-7330medium**yes
CVE-2019-7331medium**yes
CVE-2019-7332medium**yes
CVE-2019-7333medium**yes
CVE-2019-7334medium**yes
CVE-2019-7335medium**yes
CVE-2019-7336medium**yes
CVE-2019-7337low**yes
CVE-2019-7338medium**yes
CVE-2019-7339medium**yes
CVE-2019-7340medium**yes
CVE-2019-7341medium**yes
CVE-2019-7342medium**yes
CVE-2019-7343medium**yes
CVE-2019-7344medium**yes
CVE-2019-7345low**yes
CVE-2019-7346medium**yes
CVE-2019-7347medium**yes
CVE-2019-7348medium**yes
CVE-2019-7349medium**yes
CVE-2019-7350medium**yes
CVE-2019-7351medium**yes
CVE-2019-7352medium**yes
CVE-2019-8423high**yes
CVE-2019-8424high**yes
CVE-2019-8425medium**yes
CVE-2019-8426medium**yes
CVE-2019-8427high**yes
CVE-2019-8428high**yes
CVE-2019-8429high**yes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems