Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
claws-mailCVE-2019-10735lowno
cyrus-imapdCVE-2024-34055not yet assignedno
emacsCVE-2024-39331not yet assignedno
erlang-joseCVE-2023-50966not yet assignedno
golang-1.19CVE-2023-24531not yet assignedno
CVE-2023-39318not yet assignedno
CVE-2023-39319not yet assignedno
CVE-2023-39323not yet assignedno
CVE-2023-39325not yet assignedno
CVE-2023-39326not yet assignedno
CVE-2023-45285not yet assignedno
CVE-2023-45287not yet assignedno
CVE-2023-45288not yet assignedno
CVE-2023-45289not yet assignedno
CVE-2023-45290not yet assignedno
CVE-2024-24783not yet assignedno
CVE-2024-24784not yet assignedno
CVE-2024-24785not yet assignedno
CVE-2024-24789not yet assignedno
CVE-2024-24790not yet assignedno
CVE-2024-24791not yet assignedno
golang-1.21CVE-2023-45288not yet assignedno
CVE-2024-24789not yet assignedno
CVE-2024-24790not yet assignedno
CVE-2024-24791not yet assignedno
golang-1.22CVE-2023-45288not yet assignedno
CVE-2024-24788not yet assignedno
CVE-2024-24789not yet assignedno
CVE-2024-24790not yet assignedno
CVE-2024-24791not yet assignedno
golang-github-containers-imageCVE-2024-3727not yet assignedno
golang-github-lucas-clemente-quic-goCVE-2023-49295not yet assignedno
CVE-2024-22189not yet assignedno
golang-gvisor-gvisorCVE-2023-7258not yet assignedno
grub2CVE-2024-2312not yet assignedno
linuxCVE-2013-7445not yet assignedno
CVE-2018-12928lowno
CVE-2019-15213not yet assignedno
CVE-2019-16089not yet assignedno
CVE-2019-19449not yet assignedno
CVE-2019-19814not yet assignedno
CVE-2019-20794not yet assignedno
CVE-2020-14304not yet assignedno
CVE-2020-36694not yet assignedno
CVE-2021-3847not yet assignedno
CVE-2021-3864not yet assignedno
CVE-2022-4543not yet assignedno
CVE-2023-0160not yet assignedno
CVE-2023-3397not yet assignedno
CVE-2023-4010not yet assignedno
CVE-2023-6238not yet assignedno
CVE-2023-6240not yet assignedno
CVE-2023-31082not yet assignedno
CVE-2023-37454not yet assignedno
CVE-2024-0564not yet assignedno
CVE-2024-2193not yet assignedno
CVE-2024-21803not yet assignedno
CVE-2024-22386not yet assignedno
CVE-2024-23848not yet assignedno
CVE-2024-24859not yet assignedno
CVE-2024-24864not yet assignedno
CVE-2024-25740not yet assignedno
CVE-2024-25741not yet assignedno
CVE-2024-39472not yet assignedno
CVE-2024-39486not yet assignedno
CVE-2024-39487not yet assignedno
CVE-2024-41007not yet assignedno
matrix-synapseCVE-2024-31208not yet assignedno
qemuCVE-2019-12067lowno
CVE-2020-25741not yet assignedno
CVE-2020-25742not yet assignedno
CVE-2020-25743not yet assignedno
CVE-2020-35503not yet assignedno
CVE-2021-3735not yet assignedno
CVE-2022-3872not yet assignedno
CVE-2022-36648not yet assignedno
CVE-2023-1386not yet assignedno
CVE-2024-6505not yet assignedno
sendmailCVE-2023-51765not yet assignedno
sngrepCVE-2024-3119not yet assignedno
CVE-2024-3120not yet assignedno
systemdCVE-2023-7008not yet assignedno
CVE-2023-50387not yet assignedno
CVE-2023-50868not yet assignedno
upx-uclCVE-2024-3209not yet assignedno
webkit2gtkCVE-2023-41983not yet assignedno
CVE-2023-42843not yet assignedno
CVE-2023-42852not yet assignedno
CVE-2023-42883not yet assignedno
CVE-2023-42916not yet assignedno
CVE-2023-42917not yet assignedno
CVE-2023-42950not yet assignedno
CVE-2023-42956not yet assignedno
CVE-2024-23206not yet assignedno
CVE-2024-23213not yet assignedno
CVE-2024-23222not yet assignedno
CVE-2024-23254not yet assignedno
CVE-2024-23263not yet assignedno
CVE-2024-23280not yet assignedno
CVE-2024-23284not yet assignedno
CVE-2024-27834not yet assignedno
xrdpCVE-2024-39917not yet assignedno
zchunkCVE-2023-46228not yet assignedno

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems