Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ansibleCVE-2018-16837not yet assignedno
CVE-2018-16876not yet assigned?
antCVE-2018-10886not yet assignedno
TEMP-0904191-9063D5not yet assigned?
asciidoctorCVE-2018-18385lowno
botanCVE-2018-12435low**no
CVE-2018-9860medium**yes
glusterfsCVE-2018-14651medium**yes
CVE-2018-14652not yet assignedno
CVE-2018-14653not yet assignedno
CVE-2018-14654not yet assignedno
CVE-2018-14659medium**yes
CVE-2018-14660not yet assignedno
CVE-2018-14661not yet assignedno
golang-golang-x-net-devCVE-2018-17846medium**yes
CVE-2018-17847lowyes
CVE-2018-17848lowyes
h2oCVE-2018-0608high**yes
haproxyCVE-2018-20102not yet assigned?
CVE-2018-20103not yet assigned?
htslibCVE-2018-13843lowyes
CVE-2018-13844lowyes
CVE-2018-13845lowyes
jrubyCVE-2018-1000073medium**yes
CVE-2018-1000074medium**yes
CVE-2018-1000075medium**yes
CVE-2018-1000076high**yes
CVE-2018-1000077medium**yes
CVE-2018-1000078medium**yes
CVE-2018-1000079medium**yes
knot-resolverCVE-2018-10920medium**yes
libsshCVE-2018-10933medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-10723medium**no
CVE-2016-8660lowno
CVE-2017-0630low**yes
CVE-2017-1000379high**no
CVE-2018-1000026medium**yes
CVE-2018-1128medium**yes
CVE-2018-1129low**yes
CVE-2018-12896low**no
CVE-2018-12928lowno
CVE-2018-12929medium**no
CVE-2018-12930high**no
CVE-2018-12931high**no
CVE-2018-13053low**no
CVE-2018-13096medium**yes
CVE-2018-13097medium**yes
CVE-2018-13098medium**yes
CVE-2018-13099medium**yes
CVE-2018-13100medium**yes
CVE-2018-14609high**yes
CVE-2018-14610high**yes
CVE-2018-14611high**yes
CVE-2018-14612high**yes
CVE-2018-14613high**yes
CVE-2018-14614high**yes
CVE-2018-14615high**yes
CVE-2018-14616high**yes
CVE-2018-14617high**yes
CVE-2018-14625medium**no
CVE-2018-14633high**yes
CVE-2018-15471medium**no
CVE-2018-16862not yet assignedno
CVE-2018-17182high**no
CVE-2018-17972medium**no
CVE-2018-18021low**no
CVE-2018-18281not yet assignedno
CVE-2018-18397not yet assigned?
CVE-2018-18445high**no
CVE-2018-18710low**no
CVE-2018-18955not yet assignedno
CVE-2018-19407not yet assignedno
CVE-2018-19824not yet assignedno
CVE-2018-19854not yet assignedno
CVE-2018-3693medium**no
CVE-2018-7755low**no
linux-grsecCVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
modsecurity-crsCVE-2018-16384lowyes
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
nvidia-graphics-drivers (non-free)CVE-2018-6260not yet assignedno
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5753medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5754medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6260not yet assignedno
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6260not yet assignedno
openjdk-11CVE-2018-12438lowno
otrs2 (non-free)CVE-2018-19142not yet assignedno
otrs2 (non-free)CVE-2018-19143not yet assignedno
password-storeCVE-2018-12356high**yes
phpldapadminCVE-2017-11107medium**yes
pycryptodomeCVE-2018-6594medium**yes
python-pysaml2CVE-2016-10127lowyes
CVE-2017-1000433medium**yes
qpdfCVE-2018-18020medium**yes
CVE-2018-9918medium**yes
railsCVE-2018-16476not yet assignedno
ruby-grapeCVE-2018-3769medium**yes
ruby-loofahCVE-2018-16468not yet assignedno
ruby-net-ldapCVE-2017-17718medium**yes
ruby-rackCVE-2018-16471not yet assignedno
ruby-sanitizeCVE-2018-3740medium**yes
suricataCVE-2018-14568medium**yes
CVE-2018-18956not yet assignedno
sysstatCVE-2018-19416lowno
CVE-2018-19517lowno
telegram-desktopCVE-2018-17613medium**yes
CVE-2018-17780medium**yes
wineCVE-2018-12932lowyes
CVE-2018-12933lowyes
zabbixCVE-2017-2826lowyes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems