Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
claws-mailCVE-2019-10735lowno
golang-1.19CVE-2023-39318not yet assignedno
CVE-2023-39319not yet assignedno
CVE-2023-39323not yet assignedno
CVE-2023-39325not yet assignedno
linuxCVE-2013-7445not yet assignedno
CVE-2018-12928lowno
CVE-2019-15213not yet assignedno
CVE-2019-16089not yet assignedno
CVE-2019-19449not yet assignedno
CVE-2019-19814not yet assignedno
CVE-2019-20794not yet assignedno
CVE-2020-14304not yet assignedno
CVE-2020-36694not yet assignedno
CVE-2021-3847not yet assignedno
CVE-2021-3864not yet assignedno
CVE-2022-4543not yet assignedno
CVE-2023-0160not yet assignedno
CVE-2023-1192not yet assignedno
CVE-2023-3397not yet assignedno
CVE-2023-3640not yet assignedno
CVE-2023-4010not yet assignedno
CVE-2023-6111not yet assignedno
CVE-2023-6121not yet assignedno
CVE-2023-6238not yet assignedno
CVE-2023-31082not yet assignedno
CVE-2023-37454not yet assignedno
CVE-2023-47233not yet assignedno
mosquittoCVE-2023-0809not yet assignedno
CVE-2023-3592not yet assignedno
CVE-2023-28366not yet assignedno
qemuCVE-2019-12067lowno
CVE-2020-25741not yet assignedno
CVE-2020-25742not yet assignedno
CVE-2020-25743not yet assignedno
CVE-2020-35503not yet assignedno
CVE-2021-3735not yet assignedno
CVE-2022-3872not yet assignedno
CVE-2022-36648not yet assignedno
CVE-2023-1386not yet assignedno
CVE-2023-3019not yet assignedno
sambaCVE-2018-14628not yet assignedno
CVE-2023-3961not yet assignedno
CVE-2023-4091not yet assignedno
CVE-2023-4154not yet assignedno
CVE-2023-5568not yet assignedno
CVE-2023-42669not yet assignedno
CVE-2023-42670not yet assignedno
webkit2gtkCVE-2023-41983not yet assignedno
CVE-2023-42852not yet assignedno
zchunkCVE-2023-46228not yet assignedno
zfs-linux (contrib)CVE-2013-20001not yet assignedno
CVE-2023-49298not yet assignedno

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems