Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ansibleCVE-2018-10855not yet assignedno
CVE-2018-10874not yet assignedno
CVE-2018-10875not yet assignedno
antCVE-2018-10886not yet assignedno
TEMP-0904191-9063D5not yet assigned?
botanCVE-2018-12435not yet assignedno
CVE-2018-9860medium**yes
devscriptsCVE-2018-13043lowno
firmware-nonfree (non-free)CVE-2017-9417high**yes
glusterfsCVE-2018-10841not yet assignedno
h2oCVE-2018-0608not yet assignedno
htslibCVE-2018-13843lowno
CVE-2018-13844lowno
CVE-2018-13845lowno
jetty9CVE-2017-7656lowno
CVE-2017-7657lowno
CVE-2017-7658lowno
CVE-2018-12536not yet assignedno
jrubyCVE-2018-1000073medium**yes
CVE-2018-1000074medium**yes
CVE-2018-1000075medium**yes
CVE-2018-1000076high**yes
CVE-2018-1000077medium**yes
CVE-2018-1000078medium**yes
CVE-2018-1000079medium**yes
librelpCVE-2018-1000140high**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-10723not yet assignedno
CVE-2016-8660lowno
CVE-2017-1000379high**no
CVE-2018-1000026medium**yes
CVE-2018-10840not yet assignedno
CVE-2018-10876not yet assigned?
CVE-2018-10877not yet assignedno
CVE-2018-10878not yet assigned?
CVE-2018-10879not yet assigned?
CVE-2018-10880not yet assigned?
CVE-2018-10881not yet assigned?
CVE-2018-10882not yet assigned?
CVE-2018-10883not yet assigned?
CVE-2018-1118low**no
CVE-2018-11412medium**yes
CVE-2018-12232not yet assignedno
CVE-2018-12233not yet assignedno
CVE-2018-12633not yet assignedno
CVE-2018-12896not yet assignedno
CVE-2018-12928lowno
CVE-2018-12929not yet assignedno
CVE-2018-12930not yet assignedno
CVE-2018-12931not yet assignedno
CVE-2018-13053not yet assignedno
CVE-2018-13093not yet assignedno
CVE-2018-13094not yet assignedno
CVE-2018-13095not yet assignedno
CVE-2018-13096not yet assignedno
CVE-2018-13097not yet assignedno
CVE-2018-13098not yet assignedno
CVE-2018-13099not yet assignedno
CVE-2018-13100not yet assignedno
CVE-2018-13405not yet assignedno
CVE-2018-13406not yet assignedno
CVE-2018-3693medium**no
CVE-2018-7755medium**yes
linux-grsecCVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
nginxCVE-2013-0337lowyes
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5753medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5754medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6253medium**no
openjdk-9CVE-2017-10274medium**yes
CVE-2017-10281medium**yes
CVE-2017-10285medium**yes
CVE-2017-10295medium**yes
CVE-2017-10345low**yes
CVE-2017-10346medium**yes
CVE-2017-10347medium**yes
CVE-2017-10348medium**yes
CVE-2017-10349medium**yes
CVE-2017-10350medium**yes
CVE-2017-10355medium**yes
CVE-2017-10356low**no
CVE-2017-10357medium**yes
CVE-2017-10388medium**yes
CVE-2018-2579medium**yes
CVE-2018-2582medium**yes
CVE-2018-2588medium**yes
CVE-2018-2599medium**yes
CVE-2018-2602low**no
CVE-2018-2603medium**yes
CVE-2018-2618medium**yes
CVE-2018-2629low**yes
CVE-2018-2633medium**yes
CVE-2018-2634medium**yes
CVE-2018-2637medium**yes
CVE-2018-2641low**yes
CVE-2018-2663medium**yes
CVE-2018-2677medium**yes
CVE-2018-2678medium**yes
password-storeCVE-2018-12356not yet assignedno
pycryptodomeCVE-2018-6594medium**yes
qpdfCVE-2018-9918medium**yes
r-cran-havenCVE-2018-11364lowyes
CVE-2018-11365lowyes
ruby-doorkeeperCVE-2018-1000088medium**yes
CVE-2018-1000211not yet assignedno
ruby-grapeCVE-2018-3769not yet assignedno
ruby-net-ldapCVE-2017-17718medium**yes
systemdCVE-2018-6954high**no
tomcat8CVE-2018-8014high**yes
virtualbox (contrib)CVE-2018-3005not yet assignedno
virtualbox (contrib)CVE-2018-3055not yet assignedno
virtualbox (contrib)CVE-2018-3085not yet assignedno
virtualbox (contrib)CVE-2018-3086not yet assignedno
virtualbox (contrib)CVE-2018-3087not yet assignedno
virtualbox (contrib)CVE-2018-3088not yet assignedno
virtualbox (contrib)CVE-2018-3089not yet assignedno
virtualbox (contrib)CVE-2018-3090not yet assignedno
virtualbox (contrib)CVE-2018-3091not yet assignedno
wesnoth-1.14CVE-2018-1999023not yet assigned?
wineCVE-2018-12932lowno
CVE-2018-12933lowno
zabbixCVE-2017-2826lowyes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems