Vulnerable source packages in the testing suite

Candidates for DTSAs

Package	Bug	Urgency	Remote	Status
ansible	CVE-2021-20178	not yet assigned	?	unstable is vulnerable
	CVE-2021-20180	not yet assigned	?	unstable is vulnerable
	CVE-2021-20191	not yet assigned	?	unstable is vulnerable
	CVE-2021-20228	not yet assigned	?	fixed in unstable
avahi	CVE-2021-3468	not yet assigned	?	unstable is vulnerable
	CVE-2021-3502	not yet assigned	?	unstable is vulnerable
busybox	CVE-2021-28831	not yet assigned	no	unstable is vulnerable
cakephp	CVE-2020-15400	not yet assigned	no	unstable is vulnerable
ceph	CVE-2020-25678	not yet assigned	no	fixed in unstable
	CVE-2020-27839	not yet assigned	?	fixed in unstable
	CVE-2021-20288	not yet assigned	no	unstable is vulnerable
chromium	CVE-2021-21201	not yet assigned	?	unstable is vulnerable
	CVE-2021-21202	not yet assigned	?	unstable is vulnerable
	CVE-2021-21203	not yet assigned	?	unstable is vulnerable
	CVE-2021-21204	not yet assigned	?	unstable is vulnerable
	CVE-2021-21205	not yet assigned	?	unstable is vulnerable
	CVE-2021-21206	not yet assigned	?	unstable is vulnerable
	CVE-2021-21207	not yet assigned	?	unstable is vulnerable
	CVE-2021-21208	not yet assigned	?	unstable is vulnerable
	CVE-2021-21209	not yet assigned	?	unstable is vulnerable
	CVE-2021-21210	not yet assigned	?	unstable is vulnerable
	CVE-2021-21211	not yet assigned	?	unstable is vulnerable
	CVE-2021-21212	not yet assigned	?	unstable is vulnerable
	CVE-2021-21213	not yet assigned	?	unstable is vulnerable
	CVE-2021-21214	not yet assigned	?	unstable is vulnerable
	CVE-2021-21215	not yet assigned	?	unstable is vulnerable
	CVE-2021-21216	not yet assigned	?	unstable is vulnerable
	CVE-2021-21217	not yet assigned	?	unstable is vulnerable
	CVE-2021-21218	not yet assigned	?	unstable is vulnerable
	CVE-2021-21219	not yet assigned	?	unstable is vulnerable
	CVE-2021-21220	not yet assigned	?	unstable is vulnerable
	CVE-2021-21221	not yet assigned	?	unstable is vulnerable
civicrm	CVE-2021-21252	not yet assigned	no	unstable is vulnerable
clamav	CVE-2021-1252	not yet assigned	no	fixed in unstable
	CVE-2021-1404	not yet assigned	no	fixed in unstable
	CVE-2021-1405	not yet assigned	no	fixed in unstable
consul	CVE-2020-25864	not yet assigned	?	unstable is vulnerable
	CVE-2021-28156	not yet assigned	?	unstable is vulnerable
dogtag-pki	CVE-2020-1696	not yet assigned	no	unstable is vulnerable
	CVE-2020-25715	not yet assigned	?	unstable is vulnerable
exiv2	CVE-2021-3482	not yet assigned	no	unstable is vulnerable
file-roller	CVE-2020-36314	not yet assigned	no	fixed in unstable
firmware-nonfree (non-free)	CVE-2020-12313	not yet assigned	no	unstable is vulnerable
	CVE-2020-12317	not yet assigned	no	unstable is vulnerable
	CVE-2020-12319	not yet assigned	no	unstable is vulnerable
	CVE-2020-12321	not yet assigned	no	unstable is vulnerable
fluidsynth	CVE-2021-28421	not yet assigned	no	unstable is vulnerable
gnome-autoar	CVE-2021-28650	not yet assigned	no	unstable is vulnerable
gnuchess	CVE-2021-30184	not yet assigned	no	unstable is vulnerable
godot	CVE-2021-26825	not yet assigned	no	unstable is vulnerable
	CVE-2021-26826	not yet assigned	no	unstable is vulnerable
golang-1.15	CVE-2020-29510	not yet assigned	no	unstable is vulnerable
	CVE-2020-29511	not yet assigned	no	unstable is vulnerable
golang-github-containers-image	CVE-2021-20291	not yet assigned	no	unstable is vulnerable
golang-github-gin-gonic-gin	CVE-2020-28483	not yet assigned	no	unstable is vulnerable
golang-github-nats-io-jwt	CVE-2020-26521	not yet assigned	no	unstable is vulnerable
	CVE-2020-26892	not yet assigned	no	unstable is vulnerable
golang-github-pires-go-proxyproto	CVE-2021-23351	not yet assigned	no	unstable is vulnerable
golang-github-russellhaering-goxmldsig	CVE-2020-7711	not yet assigned	no	unstable is vulnerable
google-compute-image-packages	CVE-2020-8903	not yet assigned	no	unstable is vulnerable
	CVE-2020-8907	not yet assigned	no	unstable is vulnerable
	CVE-2020-8933	not yet assigned	no	unstable is vulnerable
google-oauth-client-java	CVE-2020-7692	not yet assigned	no	unstable is vulnerable
gpac	CVE-2021-28300	not yet assigned	no	unstable is vulnerable
gradle	CVE-2021-29428	not yet assigned	no	unstable is vulnerable
	CVE-2021-29429	not yet assigned	no	unstable is vulnerable
gsoap	CVE-2021-21783	not yet assigned	no	unstable is vulnerable
gst-plugins-good1.0	CVE-2021-3497	not yet assigned	?	unstable is vulnerable
	CVE-2021-3498	not yet assigned	?	unstable is vulnerable
imagemagick	CVE-2021-20309	not yet assigned	?	unstable is vulnerable
iotjs	CVE-2020-24344	not yet assigned	no	unstable is vulnerable
ircii	CVE-2021-29376	not yet assigned	no	fixed in unstable
jakarta-jmeter	CVE-2019-0187	not yet assigned	no	unstable is vulnerable
jetty9	CVE-2021-28163	not yet assigned	no	fixed in unstable
	CVE-2021-28164	not yet assigned	no	fixed in unstable
	CVE-2021-28165	not yet assigned	no	fixed in unstable
jodd	CVE-2018-21234	not yet assigned	no	unstable is vulnerable
kexec-tools	CVE-2021-20269	not yet assigned	?	unstable is vulnerable
kubernetes	CVE-2020-29652	not yet assigned	no	unstable is vulnerable
	CVE-2020-8554	not yet assigned	no	unstable is vulnerable
	CVE-2021-25735	not yet assigned	?	unstable is vulnerable
leptonlib	CVE-2020-36277	not yet assigned	no	unstable is vulnerable
	CVE-2020-36278	not yet assigned	no	unstable is vulnerable
	CVE-2020-36279	not yet assigned	no	unstable is vulnerable
	CVE-2020-36280	not yet assigned	no	unstable is vulnerable
	CVE-2020-36281	not yet assigned	no	unstable is vulnerable
libapache-poi-java	CVE-2019-12415	not yet assigned	no	unstable is vulnerable
libcaca	CVE-2021-30498	not yet assigned	?	unstable is vulnerable
	CVE-2021-30499	not yet assigned	?	unstable is vulnerable
libdnf	CVE-2021-3445	not yet assigned	?	fixed in unstable
libhibernate-validator-java	CVE-2019-10219	not yet assigned	no	unstable is vulnerable
	CVE-2020-10693	not yet assigned	no	unstable is vulnerable
libnbd	CVE-2021-20286	not yet assigned	no	fixed in unstable
libpdfbox-java	CVE-2021-27807	not yet assigned	no	unstable is vulnerable
	CVE-2021-27906	not yet assigned	no	unstable is vulnerable
libpdfbox2-java	CVE-2021-27807	not yet assigned	no	fixed in unstable
	CVE-2021-27906	not yet assigned	no	fixed in unstable
libpodofo	CVE-2021-30469	not yet assigned	?	unstable is vulnerable
	CVE-2021-30470	not yet assigned	?	unstable is vulnerable
	CVE-2021-30471	not yet assigned	?	unstable is vulnerable
	CVE-2021-30472	not yet assigned	?	unstable is vulnerable
libxml-security-java	CVE-2019-12400	not yet assigned	no	unstable is vulnerable
linux	CVE-2019-15794	not yet assigned	no	unstable is vulnerable
	CVE-2020-12362	not yet assigned	no	unstable is vulnerable
	CVE-2020-12363	not yet assigned	no	unstable is vulnerable
	CVE-2020-12364	not yet assigned	no	unstable is vulnerable
	CVE-2020-15802	not yet assigned	no	unstable is vulnerable
	CVE-2020-16119	not yet assigned	no	unstable is vulnerable
	CVE-2020-26541	not yet assigned	no	unstable is vulnerable
	CVE-2020-35501	not yet assigned	?	unstable is vulnerable
	CVE-2021-23133	not yet assigned	?	unstable is vulnerable
	CVE-2021-3493	not yet assigned	?	unstable is vulnerable
lua5.3	CVE-2019-6706	not yet assigned	no	unstable is vulnerable
	CVE-2020-24370	not yet assigned	no	unstable is vulnerable
lucene-solr	CVE-2021-27905	not yet assigned	no	unstable is vulnerable
lxc-templates	CVE-2017-18641	not yet assigned	no	unstable is vulnerable
mediawiki	CVE-2021-20270	not yet assigned	no	fixed in unstable
	CVE-2021-27291	not yet assigned	no	fixed in unstable
	CVE-2021-30152	not yet assigned	no	fixed in unstable
	CVE-2021-30153	not yet assigned	?	fixed in unstable
	CVE-2021-30154	not yet assigned	no	fixed in unstable
	CVE-2021-30155	not yet assigned	no	fixed in unstable
	CVE-2021-30157	not yet assigned	no	fixed in unstable
	CVE-2021-30158	not yet assigned	no	fixed in unstable
	CVE-2021-30159	not yet assigned	no	fixed in unstable
	CVE-2021-30458	not yet assigned	no	fixed in unstable
mosquitto	CVE-2021-28166	not yet assigned	no	fixed in unstable
mpv	CVE-2021-30145	not yet assigned	?	unstable is vulnerable
nanopb	CVE-2021-21401	not yet assigned	no	fixed in unstable
network-manager	CVE-2021-20297	not yet assigned	?	fixed in unstable
neutron	CVE-2021-20267	not yet assigned	?	unstable is vulnerable
nextcloud-desktop	CVE-2021-22879	not yet assigned	no	unstable is vulnerable
nginx	CVE-2020-36309	not yet assigned	no	unstable is vulnerable
nim	CVE-2021-21372	not yet assigned	no	unstable is vulnerable
	CVE-2021-21373	not yet assigned	no	unstable is vulnerable
	CVE-2021-21374	not yet assigned	no	unstable is vulnerable
node-glob-parent	CVE-2020-28469	not yet assigned	?	fixed in unstable
node-handlebars	CVE-2021-23369	not yet assigned	no	fixed in unstable
node-postcss	CVE-2021-23368	not yet assigned	no	fixed in unstable
node-xmldom	CVE-2021-21366	not yet assigned	no	fixed in unstable
nova	CVE-2015-9543	not yet assigned	no	unstable is vulnerable
nss	CVE-2020-12413	not yet assigned	?	unstable is vulnerable
opendmarc	CVE-2020-12272	not yet assigned	no	unstable is vulnerable
openexr	CVE-2021-20296	not yet assigned	no	unstable is vulnerable
	CVE-2021-3474	not yet assigned	no	unstable is vulnerable
	CVE-2021-3475	not yet assigned	no	unstable is vulnerable
	CVE-2021-3476	not yet assigned	no	unstable is vulnerable
	CVE-2021-3477	not yet assigned	no	unstable is vulnerable
	CVE-2021-3478	not yet assigned	no	unstable is vulnerable
	CVE-2021-3479	not yet assigned	no	unstable is vulnerable
openjpeg2	CVE-2021-29338	not yet assigned	no	unstable is vulnerable
openrc	CVE-2018-21269	not yet assigned	no	unstable is vulnerable
openssh	CVE-2018-15919	low	no	unstable is vulnerable
php-phpseclib	CVE-2021-30130	not yet assigned	no	fixed in unstable
phpseclib	CVE-2021-30130	not yet assigned	no	fixed in unstable
pupnp-1.8	CVE-2020-12695	not yet assigned	no	unstable is vulnerable
	CVE-2020-13848	not yet assigned	no	unstable is vulnerable
	CVE-2021-28302	not yet assigned	no	unstable is vulnerable
pygments	CVE-2021-27291	not yet assigned	no	unstable is vulnerable
python-autobahn	CVE-2020-35678	not yet assigned	no	unstable is vulnerable
python-django-celery-results	CVE-2020-17495	not yet assigned	no	unstable is vulnerable
python-django-registration	CVE-2021-21416	not yet assigned	no	unstable is vulnerable
python-httplib2	CVE-2021-21240	not yet assigned	no	unstable is vulnerable
python-markdown2	CVE-2021-26813	not yet assigned	no	unstable is vulnerable
python-rsa	CVE-2020-13757	not yet assigned	no	unstable is vulnerable
	CVE-2020-25658	not yet assigned	no	unstable is vulnerable
python-urllib3	CVE-2021-28363	not yet assigned	no	unstable is vulnerable
pyyaml	CVE-2020-14343	not yet assigned	no	unstable is vulnerable
qemu	CVE-2020-15469	low	no	unstable is vulnerable
	CVE-2020-17380	not yet assigned	no	fixed in unstable
	CVE-2020-29443	not yet assigned	no	unstable is vulnerable
	CVE-2021-20203	not yet assigned	no	unstable is vulnerable
	CVE-2021-3392	not yet assigned	no	fixed in unstable
	CVE-2021-3409	not yet assigned	no	fixed in unstable
qtsvg-opensource-src	CVE-2021-3481	not yet assigned	?	fixed in unstable
re2c	CVE-2018-21232	not yet assigned	no	unstable is vulnerable
resteasy3.0	CVE-2020-25633	not yet assigned	no	unstable is vulnerable
	CVE-2020-25724	not yet assigned	?	unstable is vulnerable
ring	CVE-2020-15260	not yet assigned	no	unstable is vulnerable
	CVE-2021-21375	not yet assigned	no	unstable is vulnerable
ruby-rexml	CVE-2021-28965	not yet assigned	?	unstable is vulnerable
ruby-sidekiq	CVE-2021-30151	not yet assigned	no	unstable is vulnerable
ruby-twitter-stream	CVE-2020-24392	not yet assigned	no	unstable is vulnerable
ruby2.7	CVE-2021-28965	not yet assigned	?	fixed in unstable
rust-http	CVE-2019-25009	not yet assigned	no	unstable is vulnerable
rust-hyper	CVE-2021-21299	not yet assigned	no	unstable is vulnerable
rust-lock-api	CVE-2020-35910	not yet assigned	no	unstable is vulnerable
	CVE-2020-35911	not yet assigned	no	unstable is vulnerable
	CVE-2020-35912	not yet assigned	no	unstable is vulnerable
	CVE-2020-35913	not yet assigned	no	unstable is vulnerable
	CVE-2020-35914	not yet assigned	no	unstable is vulnerable
rust-rgb	CVE-2020-25016	not yet assigned	no	unstable is vulnerable
rust-sized-chunks	CVE-2020-25791	not yet assigned	no	unstable is vulnerable
	CVE-2020-25792	not yet assigned	no	unstable is vulnerable
	CVE-2020-25793	not yet assigned	no	unstable is vulnerable
	CVE-2020-25794	not yet assigned	no	unstable is vulnerable
	CVE-2020-25795	not yet assigned	no	unstable is vulnerable
	CVE-2020-25796	not yet assigned	no	unstable is vulnerable
rust-stackvector	CVE-2021-29939	not yet assigned	no	fixed in unstable
rustc	CVE-2020-36317	not yet assigned	no	unstable is vulnerable
	CVE-2020-36318	not yet assigned	no	unstable is vulnerable
	CVE-2020-36323	not yet assigned	no	unstable is vulnerable
	CVE-2021-28875	not yet assigned	no	unstable is vulnerable
	CVE-2021-28876	not yet assigned	no	unstable is vulnerable
	CVE-2021-28877	not yet assigned	no	unstable is vulnerable
	CVE-2021-28878	not yet assigned	no	unstable is vulnerable
	CVE-2021-28879	not yet assigned	no	unstable is vulnerable
	CVE-2021-31162	not yet assigned	no	unstable is vulnerable
scrollz	CVE-2021-29376	not yet assigned	no	unstable is vulnerable
shiro	CVE-2019-12422	low	no	unstable is vulnerable
	CVE-2020-11989	not yet assigned	no	unstable is vulnerable
	CVE-2020-13933	not yet assigned	no	unstable is vulnerable
	CVE-2020-17510	not yet assigned	no	unstable is vulnerable
	CVE-2020-17523	not yet assigned	no	unstable is vulnerable
	CVE-2020-1957	not yet assigned	no	unstable is vulnerable
slic3r	CVE-2020-28590	not yet assigned	no	unstable is vulnerable
software-properties	CVE-2020-15709	not yet assigned	no	unstable is vulnerable
squid	CVE-2021-28116	not yet assigned	no	unstable is vulnerable
syncthing	CVE-2021-21404	not yet assigned	no	unstable is vulnerable
three.js	CVE-2020-28496	not yet assigned	no	unstable is vulnerable
thrift	CVE-2019-11939	not yet assigned	no	unstable is vulnerable
	CVE-2020-13949	not yet assigned	no	unstable is vulnerable
thunderbird	CVE-2021-23991	not yet assigned	?	unstable is vulnerable
	CVE-2021-23992	not yet assigned	?	unstable is vulnerable
	CVE-2021-23993	not yet assigned	?	unstable is vulnerable
tika	CVE-2021-28657	not yet assigned	no	unstable is vulnerable
u-boot	CVE-2021-27097	not yet assigned	no	unstable is vulnerable
	CVE-2021-27138	not yet assigned	no	unstable is vulnerable
umoci	CVE-2021-29136	not yet assigned	no	fixed in unstable
varnish-modules	CVE-2021-28543	not yet assigned	no	unstable is vulnerable
webkit2gtk	CVE-2021-1788	not yet assigned	no	unstable is vulnerable
	CVE-2021-1844	not yet assigned	no	unstable is vulnerable
	CVE-2021-1871	not yet assigned	no	unstable is vulnerable
wordpress	CVE-2021-29450	not yet assigned	no	fixed in unstable
wpewebkit	CVE-2021-1788	not yet assigned	no	unstable is vulnerable
	CVE-2021-1844	not yet assigned	no	unstable is vulnerable
	CVE-2021-1871	not yet assigned	no	unstable is vulnerable
xdg-utils	CVE-2020-27748	not yet assigned	?	unstable is vulnerable
xen	CVE-2021-28687	not yet assigned	?	unstable is vulnerable
xmlgraphics-commons	CVE-2020-11988	not yet assigned	no	unstable is vulnerable
xorg-server	CVE-2021-3472	not yet assigned	?	fixed in unstable
zypper	CVE-2017-9271	low	no	unstable is vulnerable

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.