Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.

Package	Bug	Urgency	Remote
adminer	CVE-2021-29625	not yet assigned	no
ansible	CVE-2021-3532	not yet assigned	no
	CVE-2021-3533	not yet assigned	no
	CVE-2021-3620	not yet assigned	?
	CVE-2021-20178	not yet assigned	no
	CVE-2021-20180	not yet assigned	?
	CVE-2021-20191	not yet assigned	no
	CVE-2021-20228	not yet assigned	no
asyncpg	CVE-2020-17446	not yet assigned	no
bluez	CVE-2020-26558	not yet assigned	no
	CVE-2020-27153	not yet assigned	no
	CVE-2021-0129	not yet assigned	no
	CVE-2021-3588	not yet assigned	no
bundler	CVE-2020-36327	not yet assigned	no
cairosvg	CVE-2021-21236	not yet assigned	no
cloud-init	CVE-2021-3429	not yet assigned	?
codemirror-js	CVE-2020-7760	not yet assigned	no
curl	CVE-2021-22898	not yet assigned	no
	CVE-2021-22924	not yet assigned	?
django-filter	CVE-2020-15225	not yet assigned	no
edk2	CVE-2019-11098	not yet assigned	no
	CVE-2019-14560	not yet assigned	?
	CVE-2019-14562	not yet assigned	no
	CVE-2019-14584	not yet assigned	no
	CVE-2021-28210	not yet assigned	no
	CVE-2021-28211	not yet assigned	no
	CVE-2021-28213	not yet assigned	no
evolution-data-server	CVE-2020-14928	not yet assigned	no
	CVE-2020-16117	not yet assigned	no
firmware-nonfree (non-free)	CVE-2020-24586	not yet assigned	no
	CVE-2020-24587	not yet assigned	no
	CVE-2020-24588	not yet assigned	no
geary	CVE-2020-24661	not yet assigned	no
golang-1.13	CVE-2020-7919	not yet assigned	no
golang-1.14	CVE-2020-15586	not yet assigned	no
	CVE-2020-16845	not yet assigned	no
	CVE-2020-24553	not yet assigned	no
golang-1.15	CVE-2021-34558	not yet assigned	no
golang-github-dgrijalva-jwt-go	CVE-2020-26160	not yet assigned	no
golang-golang-x-net	CVE-2021-31525	not yet assigned	no
	CVE-2021-33194	not yet assigned	no
intel-microcode (non-free)	CVE-2020-24489	not yet assigned	no
	CVE-2020-24511	not yet assigned	no
	CVE-2020-24512	not yet assigned	no
	CVE-2020-24513	not yet assigned	no
janus	CVE-2020-13898	not yet assigned	no
	CVE-2020-13899	not yet assigned	no
	CVE-2020-13900	not yet assigned	no
	CVE-2020-13901	not yet assigned	no
	CVE-2020-14033	not yet assigned	no
	CVE-2020-14034	not yet assigned	no
jetty9	CVE-2021-28169	not yet assigned	no
	CVE-2021-34428	not yet assigned	no
	CVE-2021-34429	not yet assigned	no
lemonldap-ng	CVE-2021-35472	not yet assigned	?
	CVE-2021-35473	not yet assigned	?
libgit2	CVE-2020-12278	not yet assigned	no
	CVE-2020-12279	not yet assigned	no
libphp-phpmailer	CVE-2021-3603	not yet assigned	no
libslirp	CVE-2020-29129	not yet assigned	no
	CVE-2020-29130	not yet assigned	no
	CVE-2021-3592	not yet assigned	no
	CVE-2021-3593	not yet assigned	no
	CVE-2021-3594	not yet assigned	no
	CVE-2021-3595	not yet assigned	no
libzstd	CVE-2021-24031	not yet assigned	no
	CVE-2021-24032	not yet assigned	no
linux	CVE-2013-7445	not yet assigned	no
	CVE-2018-12928	low	no
	CVE-2019-15213	not yet assigned	no
	CVE-2019-15794	not yet assigned	no
	CVE-2019-16089	not yet assigned	no
	CVE-2019-19378	not yet assigned	no
	CVE-2019-19449	not yet assigned	no
	CVE-2019-19814	not yet assigned	no
	CVE-2019-20794	not yet assigned	no
	CVE-2020-12362	not yet assigned	no
	CVE-2020-12363	not yet assigned	no
	CVE-2020-12364	not yet assigned	no
	CVE-2020-14304	not yet assigned	no
	CVE-2020-15802	not yet assigned	no
	CVE-2020-16119	not yet assigned	no
	CVE-2020-24504	not yet assigned	no
	CVE-2020-25673	not yet assigned	no
	CVE-2020-26541	not yet assigned	no
	CVE-2020-26555	not yet assigned	no
	CVE-2020-26556	not yet assigned	no
	CVE-2020-26557	not yet assigned	no
	CVE-2020-26559	not yet assigned	no
	CVE-2020-26560	not yet assigned	no
	CVE-2020-35501	not yet assigned	?
	CVE-2021-3542	not yet assigned	?
	CVE-2021-3612	not yet assigned	no
	CVE-2021-3640	not yet assigned	?
	CVE-2021-3655	not yet assigned	?
	CVE-2021-35039	not yet assigned	no
	CVE-2021-37159	not yet assigned	no
	CVE-2021-37576	not yet assigned	?
llvm-toolchain-8	CVE-2019-2212	not yet assigned	no
lxml	CVE-2021-28957	not yet assigned	no
m2crypto	CVE-2020-25657	not yet assigned	no
mapcache	CVE-2019-20005	not yet assigned	no
	CVE-2019-20006	not yet assigned	no
	CVE-2019-20007	not yet assigned	no
	CVE-2019-20198	not yet assigned	no
	CVE-2019-20199	not yet assigned	no
	CVE-2019-20200	not yet assigned	no
	CVE-2019-20201	not yet assigned	no
	CVE-2019-20202	not yet assigned	no
	CVE-2021-26220	not yet assigned	no
	CVE-2021-26221	not yet assigned	no
	CVE-2021-26222	not yet assigned	no
	CVE-2021-30485	not yet assigned	no
	CVE-2021-31229	not yet assigned	no
	CVE-2021-31347	not yet assigned	no
	CVE-2021-31348	not yet assigned	no
	CVE-2021-31598	not yet assigned	no
mapserver	CVE-2021-32062	not yet assigned	no
matrix-synapse	CVE-2021-29471	not yet assigned	no
maven	CVE-2021-26291	not yet assigned	no
mediawiki	CVE-2021-35197	not yet assigned	no
mutt	CVE-2021-3181	not yet assigned	no
	CVE-2021-32055	not yet assigned	no
nim	CVE-2020-15690	not yet assigned	no
	CVE-2020-15692	not yet assigned	no
	CVE-2020-15693	not yet assigned	no
	CVE-2020-15694	not yet assigned	no
	CVE-2021-21372	not yet assigned	no
	CVE-2021-21373	not yet assigned	no
	CVE-2021-21374	not yet assigned	no
	CVE-2021-29495	not yet assigned	no
node-ajv	CVE-2020-15366	not yet assigned	no
node-browserslist	CVE-2021-23364	not yet assigned	no
node-handlebars	CVE-2021-23369	not yet assigned	no
	CVE-2021-23383	not yet assigned	no
node-hosted-git-info	CVE-2021-23362	not yet assigned	no
node-jszip	CVE-2021-23413	not yet assigned	no
node-lodash	CVE-2020-28500	not yet assigned	no
	CVE-2021-23337	not yet assigned	no
node-mermaid	CVE-2021-35513	not yet assigned	no
node-postcss	CVE-2021-23368	not yet assigned	no
	CVE-2021-23382	not yet assigned	no
node-prismjs	CVE-2020-15138	not yet assigned	no
	CVE-2021-23341	not yet assigned	no
node-ssri	CVE-2021-27290	not yet assigned	no
nvidia-graphics-drivers (non-free)	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
nvidia-graphics-drivers-legacy-340xx (non-free)	CVE-2017-6266	not yet assigned	no
	CVE-2017-6267	not yet assigned	no
	CVE-2017-6272	not yet assigned	no
	CVE-2018-6249	not yet assigned	no
	CVE-2018-6253	not yet assigned	no
	CVE-2018-6260	not yet assigned	no
	CVE-2020-5963	not yet assigned	no
	CVE-2020-5967	not yet assigned	no
	CVE-2021-1056	not yet assigned	no
	CVE-2021-1076	not yet assigned	no
	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
nvidia-graphics-drivers-legacy-390xx (non-free)	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
nvidia-graphics-drivers-tesla-418 (non-free)	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
nvidia-graphics-drivers-tesla-450 (non-free)	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
nvidia-graphics-drivers-tesla-460 (non-free)	CVE-2021-1093	not yet assigned	no
	CVE-2021-1094	not yet assigned	no
	CVE-2021-1095	not yet assigned	no
olm	CVE-2021-34813	not yet assigned	no
opensmtpd	CVE-2020-35679	not yet assigned	no
	CVE-2020-35680	not yet assigned	no
openssh	CVE-2021-28041	not yet assigned	no
prosody	TEMP-0000000-FE7FF2	not yet assigned	?
qemu	CVE-2019-12067	low	no
	CVE-2020-14394	not yet assigned	?
	CVE-2020-15469	low	no
	CVE-2020-17380	not yet assigned	no
	CVE-2020-25741	not yet assigned	no
	CVE-2020-25742	not yet assigned	no
	CVE-2020-25743	not yet assigned	no
	CVE-2020-29443	not yet assigned	no
	CVE-2020-35503	not yet assigned	no
	CVE-2020-35504	not yet assigned	no
	CVE-2020-35505	not yet assigned	no
	CVE-2020-35506	not yet assigned	no
	CVE-2021-3392	not yet assigned	no
	CVE-2021-3409	not yet assigned	no
	CVE-2021-3507	not yet assigned	no
	CVE-2021-3527	not yet assigned	no
	CVE-2021-3544	not yet assigned	no
	CVE-2021-3545	not yet assigned	no
	CVE-2021-3546	not yet assigned	no
	CVE-2021-3582	not yet assigned	?
	CVE-2021-3607	not yet assigned	?
	CVE-2021-3608	not yet assigned	?
	CVE-2021-3611	not yet assigned	?
	CVE-2021-3638	not yet assigned	?
	CVE-2021-20196	not yet assigned	no
	CVE-2021-20203	not yet assigned	no
	CVE-2021-20255	not yet assigned	no
racket	CVE-2021-32773	not yet assigned	no
rails	CVE-2020-8264	not yet assigned	no
	CVE-2020-15169	not yet assigned	no
	CVE-2021-22880	not yet assigned	no
	CVE-2021-22881	not yet assigned	no
	CVE-2021-22885	not yet assigned	no
	CVE-2021-22902	not yet assigned	no
	CVE-2021-22904	not yet assigned	no
redis	CVE-2021-32761	not yet assigned	no
redmine	CVE-2021-30163	not yet assigned	no
	CVE-2021-30164	not yet assigned	no
	CVE-2021-31863	not yet assigned	no
	CVE-2021-31864	not yet assigned	no
	CVE-2021-31865	not yet assigned	no
	CVE-2021-31866	not yet assigned	no
rlottie	CVE-2021-31317	not yet assigned	no
	CVE-2021-31321	not yet assigned	no
roundcube	CVE-2019-15237	low	no
ruby-addressable	CVE-2021-32740	not yet assigned	no
ruby-bindata	CVE-2021-32823	not yet assigned	no
ruby-commonmarker	CVE-2020-5238	not yet assigned	no
ruby-nokogiri	CVE-2020-26247	low	no
ruby-omniauth	CVE-2015-9284	not yet assigned	no
ruby-rack	CVE-2020-8161	not yet assigned	no
	CVE-2020-8184	not yet assigned	no
ruby-redcarpet	CVE-2020-26298	not yet assigned	no
ruby-sidekiq	CVE-2021-30151	not yet assigned	no
spamassassin	CVE-2020-1946	not yet assigned	no
squid	CVE-2020-15049	not yet assigned	no
	CVE-2020-15810	not yet assigned	no
	CVE-2020-15811	not yet assigned	no
	CVE-2020-24606	not yet assigned	no
	CVE-2020-25097	not yet assigned	no
	CVE-2021-28116	not yet assigned	no
	CVE-2021-28651	not yet assigned	no
	CVE-2021-28652	not yet assigned	no
	CVE-2021-28662	not yet assigned	no
	CVE-2021-31806	not yet assigned	no
	CVE-2021-31807	not yet assigned	no
	CVE-2021-31808	not yet assigned	no
	CVE-2021-33620	not yet assigned	no
stunnel4	CVE-2021-20230	not yet assigned	no
suricata	CVE-2021-35063	not yet assigned	no
systemd	CVE-2021-33910	not yet assigned	no
tcmu	CVE-2021-3139	not yet assigned	no
telegram-desktop	CVE-2021-36769	not yet assigned	no
tomcat9	CVE-2021-30639	not yet assigned	no
	CVE-2021-30640	not yet assigned	no
	CVE-2021-33037	not yet assigned	no
veyon	TEMP-0964568-93C065	not yet assigned	?
webkit2gtk	CVE-2020-9983	not yet assigned	no
	CVE-2020-13543	not yet assigned	no
	CVE-2020-13558	not yet assigned	no
	CVE-2020-13584	not yet assigned	no
	CVE-2020-27918	not yet assigned	no
	CVE-2020-29623	not yet assigned	no
	CVE-2021-1765	not yet assigned	no
	CVE-2021-1788	not yet assigned	no
	CVE-2021-1789	not yet assigned	no
	CVE-2021-1799	not yet assigned	no
	CVE-2021-1801	not yet assigned	no
	CVE-2021-1844	not yet assigned	no
	CVE-2021-1870	not yet assigned	no
	CVE-2021-1871	not yet assigned	no
	CVE-2021-21775	not yet assigned	no
	CVE-2021-21779	not yet assigned	no
	CVE-2021-21806	not yet assigned	no
	CVE-2021-30663	not yet assigned	?
	CVE-2021-30665	not yet assigned	?
	CVE-2021-30682	not yet assigned	?
	CVE-2021-30689	not yet assigned	?
	CVE-2021-30720	not yet assigned	?
	CVE-2021-30734	not yet assigned	?
	CVE-2021-30744	not yet assigned	?
	CVE-2021-30749	not yet assigned	?
	CVE-2021-30758	not yet assigned	?
	CVE-2021-30795	not yet assigned	?
	CVE-2021-30797	not yet assigned	?
	CVE-2021-30799	not yet assigned	?
wolfssl	CVE-2021-24116	not yet assigned	no
	CVE-2021-37155	not yet assigned	no
yara	CVE-2021-3402	not yet assigned	no

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.