Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
ansibleCVE-2018-16876medium**yes
antCVE-2018-10886not yet assignedno
TEMP-0904191-9063D5not yet assigned?
asciidoctorCVE-2018-18385lowno
botanCVE-2018-12435low**no
CVE-2018-20187not yet assigned?
CVE-2018-9860medium**yes
cactiCVE-2018-20723low**yes
CVE-2018-20724low**yes
CVE-2018-20725low**yes
CVE-2018-20726low**yes
cephCVE-2018-14662not yet assignedno
CVE-2018-16846not yet assignedno
CVE-2018-16889low?
firmware-nonfree (non-free)CVE-2018-5383medium**yes
gitlab (contrib)CVE-2018-15472not yet assigned?
gitlab (contrib)CVE-2018-16049medium**yes
gitlab (contrib)CVE-2018-16050medium**yes
gitlab (contrib)CVE-2018-16051medium**yes
gitlab (contrib)CVE-2018-17449not yet assigned?
gitlab (contrib)CVE-2018-17450not yet assigned?
gitlab (contrib)CVE-2018-17451not yet assigned?
gitlab (contrib)CVE-2018-17452not yet assigned?
gitlab (contrib)CVE-2018-17453not yet assigned?
gitlab (contrib)CVE-2018-17454not yet assigned?
gitlab (contrib)CVE-2018-17455not yet assigned?
gitlab (contrib)CVE-2018-17536not yet assigned?
gitlab (contrib)CVE-2018-17537not yet assigned?
gitlab (contrib)CVE-2018-17939not yet assignedno
gitlab (contrib)CVE-2018-17975not yet assignedno
gitlab (contrib)CVE-2018-17976medium**yes
gitlab (contrib)CVE-2018-18640medium**yes
gitlab (contrib)CVE-2018-18641medium**yes
gitlab (contrib)CVE-2018-18645medium**yes
gitlab (contrib)CVE-2018-18646medium**yes
gitlab (contrib)CVE-2018-19359not yet assigned?
gitlab (contrib)CVE-2018-19493not yet assigned?
gitlab (contrib)CVE-2018-19494not yet assigned?
gitlab (contrib)CVE-2018-19495not yet assigned?
gitlab (contrib)CVE-2018-19496not yet assigned?
gitlab (contrib)CVE-2018-19569not yet assigned?
gitlab (contrib)CVE-2018-19570not yet assigned?
gitlab (contrib)CVE-2018-19571not yet assigned?
gitlab (contrib)CVE-2018-19572not yet assigned?
gitlab (contrib)CVE-2018-19573not yet assigned?
gitlab (contrib)CVE-2018-19574not yet assigned?
gitlab (contrib)CVE-2018-19575not yet assigned?
gitlab (contrib)CVE-2018-19576not yet assigned?
gitlab (contrib)CVE-2018-19577not yet assigned?
gitlab (contrib)CVE-2018-19580not yet assigned?
gitlab (contrib)CVE-2018-19583not yet assigned?
gitlab (contrib)CVE-2018-19585not yet assigned?
gitlab (contrib)CVE-2018-20144not yet assigned?
gitlab (contrib)CVE-2018-20229not yet assigned?
gitlab (contrib)CVE-2018-20488not yet assigned?
gitlab (contrib)CVE-2018-20489not yet assigned?
gitlab (contrib)CVE-2018-20490not yet assigned?
gitlab (contrib)CVE-2018-20491not yet assigned?
gitlab (contrib)CVE-2018-20492not yet assigned?
gitlab (contrib)CVE-2018-20493not yet assigned?
gitlab (contrib)CVE-2018-20494not yet assigned?
gitlab (contrib)CVE-2018-20495not yet assigned?
gitlab (contrib)CVE-2018-20496not yet assigned?
gitlab (contrib)CVE-2018-20497not yet assigned?
gitlab (contrib)CVE-2018-20498not yet assigned?
gitlab (contrib)CVE-2018-20499not yet assigned?
gitlab (contrib)CVE-2018-20500not yet assigned?
gitlab (contrib)CVE-2018-20501not yet assigned?
gitlab (contrib)CVE-2018-20507not yet assigned?
gitlab (contrib)CVE-2019-6240not yet assigned?
gitlab (contrib)TEMP-0000000-077068not yet assigned?
gitlab (contrib)TEMP-0000000-DE2DCDnot yet assigned?
glusterfsCVE-2018-14651medium**yes
CVE-2018-14652medium**yes
CVE-2018-14653medium**yes
CVE-2018-14654high**yes
CVE-2018-14659medium**yes
CVE-2018-14660not yet assignedno
CVE-2018-14661not yet assignedno
golang-golang-x-net-devCVE-2018-17846medium**yes
CVE-2018-17847lowyes
CVE-2018-17848lowyes
h2oCVE-2018-0608high**yes
htslibCVE-2018-13843lowyes
CVE-2018-13844lowyes
CVE-2018-13845lowyes
jrubyCVE-2018-1000073medium**yes
CVE-2018-1000074medium**yes
CVE-2018-1000075medium**yes
CVE-2018-1000076high**yes
CVE-2018-1000077medium**yes
CVE-2018-1000078medium**yes
CVE-2018-1000079medium**yes
knot-resolverCVE-2018-10920medium**yes
libsshCVE-2018-10933medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-10723medium**no
CVE-2016-8660lowno
CVE-2017-0630low**yes
CVE-2017-1000379high**no
CVE-2018-1000026medium**yes
CVE-2018-12928lowno
CVE-2018-12929medium**no
CVE-2018-12930high**no
CVE-2018-12931high**no
CVE-2018-16882not yet assignedno
CVE-2018-16884not yet assignedno
CVE-2018-19985not yet assigned?
CVE-2018-3693medium**no
CVE-2019-3459not yet assigned?
CVE-2019-3460not yet assigned?
CVE-2019-5489not yet assignedno
linux-grsecCVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2017-5754medium**no
modsecurity-crsCVE-2018-16384lowyes
mumbleTEMP-0919249-E10379not yet assigned?
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
nvidia-graphics-drivers (non-free)CVE-2018-6260low**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5753medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5754medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2018-6260low**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6249high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6253medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2018-6260low**no
nvidia-graphics-drivers-legacy-390xx (non-free)CVE-2018-6260low**no
openjdk-11CVE-2018-12438lowno
CVE-2019-2422medium**yes
otrs2 (non-free)CVE-2018-19142low**yes
otrs2 (non-free)CVE-2018-19143medium**yes
password-storeCVE-2018-12356high**yes
phpldapadminCVE-2017-11107medium**yes
pycryptodomeCVE-2018-6594medium**yes
python-pysaml2CVE-2016-10127lowyes
CVE-2017-1000433medium**yes
qpdfCVE-2018-18020medium**yes
CVE-2018-9918medium**yes
r-cran-igraphCVE-2018-20349medium**yes
rabbitmq-serverCVE-2018-1279low**yes
railsCVE-2018-16476medium**yes
CVE-2018-16477medium**yes
ruby-grapeCVE-2018-3769medium**yes
ruby-loofahCVE-2018-16468low**yes
ruby-net-ldapCVE-2017-17718medium**yes
ruby-rackCVE-2018-16471not yet assignedno
svgppCVE-2019-6245not yet assignedno
CVE-2019-6246not yet assignedno
CVE-2019-6247not yet assignedno
sysstatCVE-2018-19416lowyes
CVE-2018-19517lowyes
systemdCVE-2018-16864not yet assignedno
CVE-2018-16865not yet assignedno
CVE-2018-16866not yet assignedno
telegram-desktopCVE-2018-17613medium**yes
CVE-2018-17780medium**yes
virtualbox (contrib)CVE-2019-2446low**no
virtualbox (contrib)CVE-2019-2448low**no
virtualbox (contrib)CVE-2019-2450low**no
virtualbox (contrib)CVE-2019-2451low**no
virtualbox (contrib)CVE-2019-2500medium**no
virtualbox (contrib)CVE-2019-2501low**no
virtualbox (contrib)CVE-2019-2504low**no
virtualbox (contrib)CVE-2019-2505low**no
virtualbox (contrib)CVE-2019-2506low**no
virtualbox (contrib)CVE-2019-2508medium**no
virtualbox (contrib)CVE-2019-2509medium**no
virtualbox (contrib)CVE-2019-2511high**yes
virtualbox (contrib)CVE-2019-2520medium**no
virtualbox (contrib)CVE-2019-2521medium**no
virtualbox (contrib)CVE-2019-2522medium**no
virtualbox (contrib)CVE-2019-2523medium**no
virtualbox (contrib)CVE-2019-2524medium**no
virtualbox (contrib)CVE-2019-2525low**no
virtualbox (contrib)CVE-2019-2526medium**no
virtualbox (contrib)CVE-2019-2527low**no
virtualbox (contrib)CVE-2019-2548medium**no
virtualbox (contrib)CVE-2019-2552medium**no
virtualbox (contrib)CVE-2019-2553low**no
virtualbox (contrib)CVE-2019-2554low**no
virtualbox (contrib)CVE-2019-2555low**no
virtualbox (contrib)CVE-2019-2556low**no
virtualbox (contrib)CVE-2019-3309not yet assigned?
wineCVE-2018-12932lowyes
CVE-2018-12933lowyes
zabbixCVE-2017-2826lowyes
zoneminderCVE-2018-1000832not yet assignedno
CVE-2018-1000833not yet assignedno

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems