Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.
| Package | Bug | Urgency | Remote |
|---|---|---|---|
| firmware-nonfree | CVE-2017-9417 | high** | yes |
| intel-microcode | CVE-2018-3639 | not yet assigned | no |
| CVE-2018-3640 | not yet assigned | no | |
| nvidia-graphics-drivers-legacy-304xx | CVE-2017-5715 | medium** | no |
| CVE-2017-5753 | medium** | no | |
| CVE-2017-5754 | medium** | no | |
| CVE-2017-6266 | medium** | no | |
| CVE-2017-6267 | medium** | no | |
| CVE-2017-6272 | high** | no | |
| CVE-2018-6249 | high** | no | |
| CVE-2018-6253 | medium** | no | |
| nvidia-graphics-drivers-legacy-340xx | CVE-2017-6266 | medium** | no |
| CVE-2017-6267 | medium** | no | |
| CVE-2017-6272 | high** | no | |
| CVE-2018-6249 | high** | no | |
| CVE-2018-6253 | medium** | no | |
| otrs2 | CVE-2017-16854 | medium** | yes |
| CVE-2017-16921 | high** | yes | |
| CVE-2017-17476 | medium** | yes |
If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.