Vulnerable source packages in the testing suite

Candidates for DTSAs

Package	Bug	Urgency	Remote	Status
activemq	CVE-2021-26117	not yet assigned	no	unstable is vulnerable
ansible	CVE-2021-20178	not yet assigned	?	unstable is vulnerable
	CVE-2021-20180	not yet assigned	?	unstable is vulnerable
	CVE-2021-20191	not yet assigned	?	unstable is vulnerable
	CVE-2021-20228	not yet assigned	?	fixed in unstable
asterisk	CVE-2020-35776	not yet assigned	no	fixed in unstable
	CVE-2021-26717	not yet assigned	no	fixed in unstable
	CVE-2021-26906	not yet assigned	no	fixed in unstable
audacity	CVE-2020-11867	not yet assigned	no	fixed in unstable
batik	CVE-2020-11987	not yet assigned	no	unstable is vulnerable
bsdiff	CVE-2020-14315	not yet assigned	no	unstable is vulnerable
c3p0	CVE-2019-5427	low	no	unstable is vulnerable
cakephp	CVE-2020-15400	not yet assigned	no	unstable is vulnerable
ceph	CVE-2020-25678	not yet assigned	no	unstable is vulnerable
	CVE-2020-27781	not yet assigned	no	unstable is vulnerable
	CVE-2020-27839	not yet assigned	?	unstable is vulnerable
cimg	CVE-2018-7587	low	no	unstable is vulnerable
civicrm	CVE-2021-21252	not yet assigned	no	unstable is vulnerable
ckeditor	CVE-2021-26271	not yet assigned	no	unstable is vulnerable
	CVE-2021-26272	not yet assigned	no	unstable is vulnerable
cmark-gfm	CVE-2020-5238	not yet assigned	no	unstable is vulnerable
crmsh	CVE-2020-35459	not yet assigned	no	unstable is vulnerable
dogtag-pki	CVE-2019-10178	not yet assigned	no	unstable is vulnerable
	CVE-2019-10180	not yet assigned	no	unstable is vulnerable
	CVE-2020-1696	not yet assigned	no	unstable is vulnerable
dojo	CVE-2020-4051	not yet assigned	no	unstable is vulnerable
edk2	CVE-2019-14560	not yet assigned	?	unstable is vulnerable
etcd	CVE-2018-1098	low	no	unstable is vulnerable
	CVE-2018-1099	low	no	unstable is vulnerable
firefox-esr	CVE-2021-23968	not yet assigned	no	fixed in unstable
	CVE-2021-23969	not yet assigned	no	fixed in unstable
	CVE-2021-23973	not yet assigned	no	fixed in unstable
	CVE-2021-23978	not yet assigned	no	fixed in unstable
firmware-nonfree (non-free)	CVE-2020-12313	not yet assigned	no	unstable is vulnerable
	CVE-2020-12317	not yet assigned	no	unstable is vulnerable
	CVE-2020-12319	not yet assigned	no	unstable is vulnerable
	CVE-2020-12321	not yet assigned	no	unstable is vulnerable
freediameter	CVE-2020-6098	not yet assigned	no	unstable is vulnerable
gitlab-ci-multi-runner	CVE-2020-13295	not yet assigned	no	unstable is vulnerable
	CVE-2020-13327	not yet assigned	no	unstable is vulnerable
glibc	CVE-2021-27645	not yet assigned	no	unstable is vulnerable
	CVE-2021-3326	not yet assigned	no	unstable is vulnerable
gnome-autoar	CVE-2020-36241	not yet assigned	no	unstable is vulnerable
godot	CVE-2021-26825	not yet assigned	no	unstable is vulnerable
	CVE-2021-26826	not yet assigned	no	unstable is vulnerable
golang-1.15	CVE-2020-29510	not yet assigned	no	unstable is vulnerable
	CVE-2020-29511	not yet assigned	no	unstable is vulnerable
golang-github-appc-cni	CVE-2021-20206	not yet assigned	?	fixed in unstable
golang-github-gin-gonic-gin	CVE-2020-28483	not yet assigned	no	unstable is vulnerable
golang-github-nats-io-jwt	CVE-2020-26521	not yet assigned	no	unstable is vulnerable
	CVE-2020-26892	not yet assigned	no	unstable is vulnerable
golang-github-russellhaering-goxmldsig	CVE-2020-7711	not yet assigned	no	unstable is vulnerable
golang-golang-x-text	CVE-2020-28851	not yet assigned	no	unstable is vulnerable
google-compute-image-packages	CVE-2020-8903	not yet assigned	no	unstable is vulnerable
	CVE-2020-8907	not yet assigned	no	unstable is vulnerable
	CVE-2020-8933	not yet assigned	no	unstable is vulnerable
google-oauth-client-java	CVE-2020-7692	not yet assigned	no	unstable is vulnerable
gradle	CVE-2019-16370	low	no	unstable is vulnerable
gsoap	CVE-2020-13574	not yet assigned	no	unstable is vulnerable
	CVE-2020-13575	not yet assigned	no	unstable is vulnerable
	CVE-2020-13576	not yet assigned	no	unstable is vulnerable
	CVE-2020-13577	not yet assigned	no	unstable is vulnerable
	CVE-2020-13578	not yet assigned	no	unstable is vulnerable
hdf5	CVE-2018-17432	not yet assigned	no	unstable is vulnerable
	CVE-2019-8397	not yet assigned	no	unstable is vulnerable
imagemagick	CVE-2021-20241	not yet assigned	?	unstable is vulnerable
	CVE-2021-20244	not yet assigned	?	unstable is vulnerable
	CVE-2021-20245	not yet assigned	?	unstable is vulnerable
	CVE-2021-20246	not yet assigned	?	unstable is vulnerable
iotjs	CVE-2020-24344	not yet assigned	no	unstable is vulnerable
ipmitool	CVE-2020-5208	not yet assigned	no	fixed in unstable
isync	CVE-2021-20247	not yet assigned	no	fixed in unstable
jackson-dataformat-cbor	CVE-2020-28491	not yet assigned	no	unstable is vulnerable
jakarta-jmeter	CVE-2018-1287	low	no	unstable is vulnerable
	CVE-2018-1297	low	no	unstable is vulnerable
	CVE-2019-0187	not yet assigned	no	unstable is vulnerable
jetty9	CVE-2020-27223	not yet assigned	no	fixed in unstable
jinja2	CVE-2020-28493	not yet assigned	no	fixed in unstable
jodd	CVE-2018-21234	not yet assigned	no	unstable is vulnerable
jython	CVE-2019-16935	not yet assigned	no	unstable is vulnerable
kubernetes	CVE-2020-29652	not yet assigned	no	unstable is vulnerable
	CVE-2020-8554	not yet assigned	no	unstable is vulnerable
libapache-poi-java	CVE-2019-12415	not yet assigned	no	unstable is vulnerable
libcaca	CVE-2021-3410	not yet assigned	no	unstable is vulnerable
libhibernate-validator-java	CVE-2019-10219	not yet assigned	no	unstable is vulnerable
	CVE-2020-10693	not yet assigned	no	unstable is vulnerable
libjgroups-java	CVE-2016-2141	low	no	unstable is vulnerable
libpodofo	CVE-2018-8002	low	no	unstable is vulnerable
libxml-security-java	CVE-2019-12400	not yet assigned	no	unstable is vulnerable
linux	CVE-2018-12928	low	no	unstable is vulnerable
	CVE-2017-0630	not yet assigned	no	unstable is vulnerable
	CVE-2018-3693	not yet assigned	no	unstable is vulnerable
	CVE-2019-15794	not yet assigned	no	unstable is vulnerable
	CVE-2019-19378	not yet assigned	no	unstable is vulnerable
	CVE-2019-19449	not yet assigned	no	unstable is vulnerable
	CVE-2019-19814	not yet assigned	no	unstable is vulnerable
	CVE-2019-20794	not yet assigned	no	unstable is vulnerable
	CVE-2020-11725	not yet assigned	no	unstable is vulnerable
	CVE-2020-12362	not yet assigned	no	unstable is vulnerable
	CVE-2020-12363	not yet assigned	no	unstable is vulnerable
	CVE-2020-12364	not yet assigned	no	unstable is vulnerable
	CVE-2020-14304	not yet assigned	no	unstable is vulnerable
	CVE-2020-15802	not yet assigned	no	unstable is vulnerable
	CVE-2020-16119	not yet assigned	no	unstable is vulnerable
	CVE-2020-25639	not yet assigned	?	unstable is vulnerable
	CVE-2020-25670	not yet assigned	?	unstable is vulnerable
	CVE-2020-25671	not yet assigned	?	unstable is vulnerable
	CVE-2020-25672	not yet assigned	?	unstable is vulnerable
	CVE-2020-25673	not yet assigned	?	unstable is vulnerable
	CVE-2020-26541	not yet assigned	no	unstable is vulnerable
	CVE-2020-27820	not yet assigned	?	unstable is vulnerable
	CVE-2020-35501	not yet assigned	?	unstable is vulnerable
	CVE-2021-20194	not yet assigned	no	unstable is vulnerable
	CVE-2021-26930	not yet assigned	no	unstable is vulnerable
	CVE-2021-26931	not yet assigned	no	unstable is vulnerable
	CVE-2021-26932	not yet assigned	no	unstable is vulnerable
log4net	CVE-2018-1285	low	no	unstable is vulnerable
lua5.3	CVE-2019-6706	not yet assigned	no	unstable is vulnerable
	CVE-2020-24370	not yet assigned	no	unstable is vulnerable
lucene-solr	CVE-2020-13941	not yet assigned	no	fixed in unstable
lxc-templates	CVE-2017-18641	not yet assigned	no	unstable is vulnerable
modsecurity-crs	CVE-2018-16384	low	no	unstable is vulnerable
mongo-java-driver	CVE-2021-20328	not yet assigned	no	unstable is vulnerable
mumble	CVE-2021-27229	not yet assigned	no	fixed in unstable
mupdf	CVE-2021-3407	not yet assigned	no	unstable is vulnerable
mxml	CVE-2018-20592	low	no	unstable is vulnerable
	CVE-2018-20593	low	no	unstable is vulnerable
node-elliptic	CVE-2020-28498	not yet assigned	no	unstable is vulnerable
node-lodash	CVE-2020-28500	not yet assigned	no	unstable is vulnerable
	CVE-2021-23337	not yet assigned	no	unstable is vulnerable
node-node-sass	CVE-2020-24025	not yet assigned	no	unstable is vulnerable
node-prismjs	CVE-2021-23341	not yet assigned	no	unstable is vulnerable
node-static-eval	CVE-2021-23334	not yet assigned	no	unstable is vulnerable
node-url-parse	CVE-2021-27515	not yet assigned	no	unstable is vulnerable
nodejs	CVE-2021-22883	not yet assigned	?	fixed in unstable
	CVE-2021-22884	not yet assigned	?	fixed in unstable
nova	CVE-2015-9543	not yet assigned	no	unstable is vulnerable
nss	CVE-2020-12413	not yet assigned	?	unstable is vulnerable
nvidia-graphics-drivers-tesla-440 (non-free)	CVE-2021-1056	not yet assigned	no	unstable is vulnerable
opendmarc	CVE-2019-20790	not yet assigned	no	unstable is vulnerable
	CVE-2020-12272	not yet assigned	no	unstable is vulnerable
openjpeg2	CVE-2019-6988	low	no	unstable is vulnerable
openrc	CVE-2018-21269	not yet assigned	no	unstable is vulnerable
openssh	CVE-2018-15919	low	no	unstable is vulnerable
otrs2 (non-free)	CVE-2021-21252	not yet assigned	no	unstable is vulnerable
phpldapadmin	CVE-2020-35132	not yet assigned	no	unstable is vulnerable
phppgadmin	CVE-2019-10784	not yet assigned	no	unstable is vulnerable
poppler	CVE-2019-9543	low	no	unstable is vulnerable
	CVE-2019-9545	low	no	unstable is vulnerable
pupnp-1.8	CVE-2020-12695	not yet assigned	no	unstable is vulnerable
	CVE-2020-13848	not yet assigned	no	unstable is vulnerable
pypy	CVE-2019-16935	low	no	unstable is vulnerable
pypy3	CVE-2021-23336	not yet assigned	no	fixed in unstable
python-aiohttp	CVE-2021-21330	not yet assigned	no	fixed in unstable
python-autobahn	CVE-2020-35678	not yet assigned	no	unstable is vulnerable
python-cmarkgfm	CVE-2020-5238	not yet assigned	no	unstable is vulnerable
python-django-celery-results	CVE-2020-17495	not yet assigned	no	unstable is vulnerable
python-httplib2	CVE-2021-21240	not yet assigned	no	unstable is vulnerable
python-libnmap	CVE-2019-1010017	low	no	unstable is vulnerable
python-reportlab	CVE-2020-28463	not yet assigned	no	unstable is vulnerable
python-rsa	CVE-2020-13757	not yet assigned	no	unstable is vulnerable
	CVE-2020-25658	not yet assigned	no	unstable is vulnerable
python2.7	CVE-2019-20907	low	no	fixed in unstable
	CVE-2020-8492	low	no	fixed in unstable
	CVE-2021-3177	not yet assigned	no	fixed in unstable
python3.9	CVE-2021-23336	not yet assigned	no	fixed in unstable
pyyaml	CVE-2020-14343	not yet assigned	no	unstable is vulnerable
qemu	CVE-2019-12067	low	?	unstable is vulnerable
	CVE-2020-15469	low	no	unstable is vulnerable
	CVE-2020-17380	not yet assigned	no	unstable is vulnerable
	CVE-2020-25741	not yet assigned	no	unstable is vulnerable
	CVE-2020-25742	not yet assigned	no	unstable is vulnerable
	CVE-2020-25743	not yet assigned	no	unstable is vulnerable
	CVE-2020-29443	not yet assigned	no	unstable is vulnerable
	CVE-2021-20196	not yet assigned	?	unstable is vulnerable
	CVE-2021-20203	not yet assigned	no	unstable is vulnerable
	CVE-2021-20255	not yet assigned	?	unstable is vulnerable
	CVE-2021-20257	not yet assigned	?	unstable is vulnerable
	CVE-2021-3392	not yet assigned	?	unstable is vulnerable
	CVE-2021-3409	not yet assigned	?	unstable is vulnerable
	CVE-2021-3416	not yet assigned	?	unstable is vulnerable
rabbitmq-server	CVE-2019-11287	not yet assigned	no	unstable is vulnerable
	CVE-2019-11291	not yet assigned	no	unstable is vulnerable
rbenv	CVE-2017-1000047	not yet assigned	no	unstable is vulnerable
re2c	CVE-2018-21232	not yet assigned	no	unstable is vulnerable
redis	CVE-2021-21309	not yet assigned	no	fixed in unstable
resteasy3.0	CVE-2020-25633	not yet assigned	no	unstable is vulnerable
	CVE-2020-25724	not yet assigned	?	unstable is vulnerable
ruby-carrierwave	CVE-2021-21288	not yet assigned	no	unstable is vulnerable
	CVE-2021-21305	not yet assigned	no	unstable is vulnerable
ruby-omniauth	CVE-2015-9284	not yet assigned	no	unstable is vulnerable
ruby-twitter-stream	CVE-2020-24392	not yet assigned	no	unstable is vulnerable
rust-arc-swap	CVE-2020-35711	not yet assigned	no	unstable is vulnerable
rust-failure	CVE-2020-25575	low	no	unstable is vulnerable
	CVE-2019-25010	not yet assigned	no	unstable is vulnerable
rust-http	CVE-2020-25574	low	no	unstable is vulnerable
	CVE-2019-25008	not yet assigned	no	unstable is vulnerable
	CVE-2019-25009	not yet assigned	no	unstable is vulnerable
rust-hyper	CVE-2021-21299	not yet assigned	no	unstable is vulnerable
rust-kamadak-exif	CVE-2021-21235	not yet assigned	no	unstable is vulnerable
rust-lock-api	CVE-2020-35910	not yet assigned	no	unstable is vulnerable
	CVE-2020-35911	not yet assigned	no	unstable is vulnerable
	CVE-2020-35912	not yet assigned	no	unstable is vulnerable
	CVE-2020-35913	not yet assigned	no	unstable is vulnerable
	CVE-2020-35914	not yet assigned	no	unstable is vulnerable
rust-rand-core	CVE-2021-27378	not yet assigned	no	unstable is vulnerable
rust-rgb	CVE-2020-25016	not yet assigned	no	unstable is vulnerable
rust-sized-chunks	CVE-2020-25791	not yet assigned	no	unstable is vulnerable
	CVE-2020-25792	not yet assigned	no	unstable is vulnerable
	CVE-2020-25793	not yet assigned	no	unstable is vulnerable
	CVE-2020-25794	not yet assigned	no	unstable is vulnerable
	CVE-2020-25795	not yet assigned	no	unstable is vulnerable
	CVE-2020-25796	not yet assigned	no	unstable is vulnerable
rust-smallvec	CVE-2021-25900	not yet assigned	no	unstable is vulnerable
salt	CVE-2020-28243	not yet assigned	no	unstable is vulnerable
	CVE-2020-28972	not yet assigned	no	unstable is vulnerable
	CVE-2020-35662	not yet assigned	no	unstable is vulnerable
	CVE-2021-25281	not yet assigned	no	unstable is vulnerable
	CVE-2021-25282	not yet assigned	no	unstable is vulnerable
	CVE-2021-25283	not yet assigned	no	unstable is vulnerable
	CVE-2021-25284	not yet assigned	no	unstable is vulnerable
	CVE-2021-3144	not yet assigned	no	unstable is vulnerable
	CVE-2021-3148	not yet assigned	no	unstable is vulnerable
	CVE-2021-3197	not yet assigned	no	unstable is vulnerable
shiro	CVE-2019-12422	low	no	unstable is vulnerable
	CVE-2020-11989	not yet assigned	no	unstable is vulnerable
	CVE-2020-13933	not yet assigned	no	unstable is vulnerable
	CVE-2020-17510	not yet assigned	no	unstable is vulnerable
	CVE-2020-17523	not yet assigned	no	unstable is vulnerable
	CVE-2020-1957	not yet assigned	no	unstable is vulnerable
smarty3	CVE-2021-26119	not yet assigned	no	fixed in unstable
	CVE-2021-26120	not yet assigned	no	fixed in unstable
snapd	CVE-2020-27352	not yet assigned	?	fixed in unstable
software-properties	CVE-2020-15709	not yet assigned	no	unstable is vulnerable
spice	CVE-2021-20201	not yet assigned	?	unstable is vulnerable
steghide	CVE-2021-27211	not yet assigned	no	unstable is vulnerable
stunnel4	CVE-2021-20230	not yet assigned	no	unstable is vulnerable
three.js	CVE-2020-28496	not yet assigned	no	unstable is vulnerable
thrift	CVE-2019-11939	not yet assigned	no	unstable is vulnerable
	CVE-2020-13949	not yet assigned	no	unstable is vulnerable
thunderbird	CVE-2021-23968	not yet assigned	no	fixed in unstable
	CVE-2021-23969	not yet assigned	no	fixed in unstable
	CVE-2021-23973	not yet assigned	no	fixed in unstable
	CVE-2021-23978	not yet assigned	no	fixed in unstable
tika	CVE-2020-9489	not yet assigned	no	unstable is vulnerable
u-boot	CVE-2021-27097	not yet assigned	no	unstable is vulnerable
	CVE-2021-27138	not yet assigned	no	unstable is vulnerable
wordpress	CVE-2012-6707	not yet assigned	no	unstable is vulnerable
	CVE-2018-14028	not yet assigned	no	unstable is vulnerable
wpa	CVE-2021-27803	not yet assigned	no	fixed in unstable
xdg-utils	CVE-2020-27748	not yet assigned	?	unstable is vulnerable
xen	CVE-2021-26933	not yet assigned	no	fixed in unstable
	CVE-2021-3308	not yet assigned	no	fixed in unstable
xmlgraphics-commons	CVE-2020-11988	not yet assigned	no	unstable is vulnerable
yara	CVE-2019-19648	not yet assigned	no	unstable is vulnerable
zint	CVE-2021-27799	not yet assigned	no	unstable is vulnerable
zypper	CVE-2017-9271	low	no	unstable is vulnerable

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.