Vulnerable source packages in the testing suite

Candidates for DTSAs

Package	Bug	Urgency	Remote	Status
389-ds-base	CVE-2023-1055	not yet assigned	no	unstable is vulnerable
aflplusplus	CVE-2023-26266	not yet assigned	no	fixed in unstable
allegro4.4	CVE-2021-36489	not yet assigned	no	unstable is vulnerable
angular.js	CVE-2022-25844	not yet assigned	no	unstable is vulnerable
	CVE-2022-25869	not yet assigned	no	unstable is vulnerable
asterisk	CVE-2022-23537	not yet assigned	no	unstable is vulnerable
	CVE-2022-23547	not yet assigned	no	unstable is vulnerable
	CVE-2022-39269	not yet assigned	no	unstable is vulnerable
cairosvg	CVE-2023-27586	not yet assigned	no	fixed in unstable
chromium	CVE-2023-1528	not yet assigned	no	fixed in unstable
	CVE-2023-1529	not yet assigned	no	fixed in unstable
	CVE-2023-1530	not yet assigned	no	fixed in unstable
	CVE-2023-1531	not yet assigned	no	fixed in unstable
	CVE-2023-1532	not yet assigned	no	fixed in unstable
	CVE-2023-1533	not yet assigned	no	fixed in unstable
	CVE-2023-1534	not yet assigned	no	fixed in unstable
ckeditor3	CVE-2014-5191	not yet assigned	no	unstable is vulnerable
	CVE-2018-17960	low	no	unstable is vulnerable
	CVE-2021-26271	not yet assigned	no	unstable is vulnerable
	CVE-2021-33829	not yet assigned	no	unstable is vulnerable
	CVE-2021-37695	not yet assigned	no	unstable is vulnerable
	CVE-2021-41165	not yet assigned	no	unstable is vulnerable
	CVE-2022-24728	not yet assigned	no	unstable is vulnerable
	CVE-2022-24729	not yet assigned	no	unstable is vulnerable
cloudcompare	CVE-2021-21897	not yet assigned	no	unstable is vulnerable
cmark-gfm	CVE-2023-22483	not yet assigned	no	unstable is vulnerable
	CVE-2023-22484	not yet assigned	no	unstable is vulnerable
	CVE-2023-22485	not yet assigned	no	unstable is vulnerable
	CVE-2023-22486	not yet assigned	no	unstable is vulnerable
cookiecutter	CVE-2022-24065	not yet assigned	no	unstable is vulnerable
curl	CVE-2023-27533	not yet assigned	?	fixed in unstable
	CVE-2023-27534	not yet assigned	?	fixed in unstable
	CVE-2023-27535	not yet assigned	?	fixed in unstable
	CVE-2023-27536	not yet assigned	?	fixed in unstable
	CVE-2023-27537	not yet assigned	?	fixed in unstable
	CVE-2023-27538	not yet assigned	?	fixed in unstable
debian-goodies	CVE-2023-27635	not yet assigned	no	unstable is vulnerable
deluge	CVE-2021-3427	not yet assigned	no	unstable is vulnerable
dino-im	CVE-2023-28686	not yet assigned	no	fixed in unstable
dnsmasq	CVE-2023-28450	not yet assigned	no	unstable is vulnerable
docker.io	CVE-2022-37708	not yet assigned	no	unstable is vulnerable
dogtag-pki	CVE-2019-10178	not yet assigned	no	unstable is vulnerable
	CVE-2019-10180	not yet assigned	no	unstable is vulnerable
	CVE-2020-1696	not yet assigned	no	unstable is vulnerable
emacs	CVE-2023-28617	not yet assigned	no	unstable is vulnerable
glusterfs	CVE-2022-48340	not yet assigned	no	unstable is vulnerable
	CVE-2023-26253	not yet assigned	no	unstable is vulnerable
golang-1.19	CVE-2023-24532	not yet assigned	no	unstable is vulnerable
golang-github-emicklei-go-restful	CVE-2022-1996	not yet assigned	no	unstable is vulnerable
golang-github-go-macaron-csrf	CVE-2018-25060	not yet assigned	no	unstable is vulnerable
golang-github-hashicorp-go-getter	CVE-2022-26945	not yet assigned	no	unstable is vulnerable
	CVE-2022-30321	not yet assigned	no	unstable is vulnerable
	CVE-2022-30322	not yet assigned	no	unstable is vulnerable
	CVE-2022-30323	not yet assigned	no	unstable is vulnerable
	CVE-2023-0475	not yet assigned	no	unstable is vulnerable
golang-github-tidwall-gjson	CVE-2021-42248	not yet assigned	no	unstable is vulnerable
	CVE-2021-42836	not yet assigned	no	unstable is vulnerable
gpac	CVE-2022-3222	not yet assigned	no	unstable is vulnerable
	CVE-2022-4202	not yet assigned	no	unstable is vulnerable
	CVE-2022-43039	not yet assigned	no	unstable is vulnerable
	CVE-2022-43040	not yet assigned	no	unstable is vulnerable
	CVE-2022-43042	not yet assigned	no	unstable is vulnerable
	CVE-2022-43043	not yet assigned	no	unstable is vulnerable
	CVE-2022-43044	not yet assigned	no	unstable is vulnerable
	CVE-2022-43045	not yet assigned	no	unstable is vulnerable
	CVE-2022-45202	not yet assigned	no	unstable is vulnerable
	CVE-2022-45283	not yet assigned	no	unstable is vulnerable
	CVE-2022-45343	not yet assigned	no	unstable is vulnerable
	CVE-2022-46489	not yet assigned	no	unstable is vulnerable
	CVE-2022-46490	not yet assigned	no	unstable is vulnerable
	CVE-2022-47086	not yet assigned	no	unstable is vulnerable
	CVE-2022-47087	not yet assigned	no	unstable is vulnerable
	CVE-2022-47088	not yet assigned	no	unstable is vulnerable
	CVE-2022-47089	not yet assigned	no	unstable is vulnerable
	CVE-2022-47091	not yet assigned	no	unstable is vulnerable
	CVE-2022-47092	not yet assigned	no	unstable is vulnerable
	CVE-2022-47093	not yet assigned	no	unstable is vulnerable
	CVE-2022-47094	not yet assigned	no	unstable is vulnerable
	CVE-2022-47095	not yet assigned	no	unstable is vulnerable
	CVE-2022-47653	not yet assigned	no	unstable is vulnerable
	CVE-2022-47654	not yet assigned	no	unstable is vulnerable
	CVE-2022-47656	not yet assigned	no	unstable is vulnerable
	CVE-2022-47657	not yet assigned	no	unstable is vulnerable
	CVE-2022-47658	not yet assigned	no	unstable is vulnerable
	CVE-2022-47659	not yet assigned	no	unstable is vulnerable
	CVE-2022-47660	not yet assigned	no	unstable is vulnerable
	CVE-2022-47661	not yet assigned	no	unstable is vulnerable
	CVE-2022-47662	not yet assigned	no	unstable is vulnerable
	CVE-2022-47663	not yet assigned	no	unstable is vulnerable
	CVE-2023-0358	not yet assigned	no	unstable is vulnerable
	CVE-2023-0760	not yet assigned	no	unstable is vulnerable
	CVE-2023-0770	not yet assigned	no	unstable is vulnerable
	CVE-2023-0817	not yet assigned	no	unstable is vulnerable
	CVE-2023-0818	not yet assigned	no	unstable is vulnerable
	CVE-2023-0819	not yet assigned	no	unstable is vulnerable
	CVE-2023-0866	not yet assigned	no	unstable is vulnerable
	CVE-2023-1448	not yet assigned	no	unstable is vulnerable
	CVE-2023-1449	not yet assigned	no	unstable is vulnerable
	CVE-2023-1452	not yet assigned	no	unstable is vulnerable
	CVE-2023-23143	not yet assigned	no	unstable is vulnerable
	CVE-2023-23144	not yet assigned	no	unstable is vulnerable
	CVE-2023-23145	not yet assigned	no	unstable is vulnerable
harfbuzz	CVE-2023-25193	not yet assigned	no	unstable is vulnerable
hdf5	CVE-2022-25942	not yet assigned	no	unstable is vulnerable
	CVE-2022-25972	not yet assigned	no	unstable is vulnerable
	CVE-2022-26061	not yet assigned	no	unstable is vulnerable
hotspot	CVE-2023-28144	not yet assigned	no	unstable is vulnerable
imagemagick	CVE-2022-1115	not yet assigned	no	unstable is vulnerable
	CVE-2022-3213	not yet assigned	no	unstable is vulnerable
	CVE-2023-1289	not yet assigned	no	unstable is vulnerable
intel-microcode (non-free-firmware)	CVE-2022-21216	not yet assigned	no	fixed in unstable
	CVE-2022-33196	not yet assigned	no	fixed in unstable
	CVE-2022-33972	not yet assigned	no	fixed in unstable
	CVE-2022-38090	not yet assigned	no	fixed in unstable
iortcw (contrib)	CVE-2019-25104	not yet assigned	no	unstable is vulnerable
jquery-minicolors	CVE-2021-32850	not yet assigned	no	unstable is vulnerable
json-smart	CVE-2023-1370	not yet assigned	no	unstable is vulnerable
kubernetes	CVE-2020-8562	not yet assigned	no	unstable is vulnerable
	CVE-2021-25735	not yet assigned	no	unstable is vulnerable
	CVE-2021-25743	not yet assigned	no	unstable is vulnerable
libde265	CVE-2023-27102	not yet assigned	no	unstable is vulnerable
	CVE-2023-27103	not yet assigned	no	unstable is vulnerable
libgda5	CVE-2021-39359	not yet assigned	no	unstable is vulnerable
libmicrohttpd	CVE-2023-27371	not yet assigned	no	fixed in unstable
libosip2	CVE-2022-41550	not yet assigned	no	fixed in unstable
libowasp-antisamy-java	CVE-2022-28366	not yet assigned	no	unstable is vulnerable
	CVE-2022-28367	not yet assigned	no	unstable is vulnerable
libpdfbox-java	CVE-2021-31811	not yet assigned	no	unstable is vulnerable
	CVE-2021-31812	not yet assigned	no	unstable is vulnerable
libpod	CVE-2023-0778	not yet assigned	?	unstable is vulnerable
libraw	CVE-2021-32142	not yet assigned	no	unstable is vulnerable
libreswan	CVE-2023-23009	not yet assigned	no	fixed in unstable
libstb	CVE-2021-42715	not yet assigned	no	unstable is vulnerable
	CVE-2021-42716	not yet assigned	no	unstable is vulnerable
	CVE-2022-28041	not yet assigned	no	unstable is vulnerable
	CVE-2022-28042	not yet assigned	no	unstable is vulnerable
libwoodstox-java	CVE-2022-40152	not yet assigned	no	unstable is vulnerable
linux	CVE-2013-7445	not yet assigned	no	unstable is vulnerable
	CVE-2019-20794	not yet assigned	no	unstable is vulnerable
	CVE-2021-3847	not yet assigned	no	unstable is vulnerable
	CVE-2021-3864	not yet assigned	no	unstable is vulnerable
	CVE-2022-4269	not yet assigned	no	unstable is vulnerable
	CVE-2023-0160	not yet assigned	?	unstable is vulnerable
	CVE-2023-0597	not yet assigned	no	unstable is vulnerable
	CVE-2023-0615	not yet assigned	no	unstable is vulnerable
	CVE-2023-1032	not yet assigned	?	fixed in unstable
	CVE-2023-1076	not yet assigned	?	fixed in unstable
	CVE-2023-1077	not yet assigned	?	fixed in unstable
	CVE-2023-1079	not yet assigned	?	fixed in unstable
	CVE-2023-1118	not yet assigned	no	fixed in unstable
	CVE-2023-1192	not yet assigned	?	unstable is vulnerable
	CVE-2023-1193	not yet assigned	?	unstable is vulnerable
	CVE-2023-1194	not yet assigned	?	unstable is vulnerable
	CVE-2023-1380	not yet assigned	?	unstable is vulnerable
	CVE-2023-23005	not yet assigned	no	unstable is vulnerable
	CVE-2023-23039	not yet assigned	no	unstable is vulnerable
	CVE-2023-25012	not yet assigned	no	fixed in unstable
	CVE-2023-28466	not yet assigned	no	fixed in unstable
markdown-it-py	CVE-2023-26302	not yet assigned	no	unstable is vulnerable
	CVE-2023-26303	not yet assigned	no	unstable is vulnerable
nethack	CVE-2023-24809	not yet assigned	no	unstable is vulnerable
nim	CVE-2021-41259	not yet assigned	no	unstable is vulnerable
node-request	CVE-2023-28155	not yet assigned	no	unstable is vulnerable
node-ua-parser-js	CVE-2022-25927	not yet assigned	no	unstable is vulnerable
node-undici	CVE-2023-23936	not yet assigned	no	fixed in unstable
	CVE-2023-24807	not yet assigned	no	fixed in unstable
node-webpack	CVE-2023-28154	not yet assigned	no	fixed in unstable
nodejs	CVE-2023-23918	not yet assigned	no	unstable is vulnerable
	CVE-2023-23919	not yet assigned	no	unstable is vulnerable
	CVE-2023-23920	not yet assigned	no	unstable is vulnerable
nvidia-cuda-toolkit (non-free)	CVE-2023-0193	not yet assigned	no	unstable is vulnerable
	CVE-2023-0196	not yet assigned	no	unstable is vulnerable
ocrfeeder	CVE-2022-27811	not yet assigned	no	unstable is vulnerable
opendoas	CVE-2023-28339	not yet assigned	no	unstable is vulnerable
openssh	CVE-2023-28531	not yet assigned	no	unstable is vulnerable
openssl	CVE-2023-0464	not yet assigned	no	unstable is vulnerable
org-mode	CVE-2023-28617	not yet assigned	no	unstable is vulnerable
owslib	CVE-2023-27476	not yet assigned	no	unstable is vulnerable
pesign	CVE-2022-3560	not yet assigned	no	unstable is vulnerable
php-phpseclib3	CVE-2023-27560	not yet assigned	no	fixed in unstable
php8.2	CVE-2023-0567	not yet assigned	no	fixed in unstable
	CVE-2023-0568	not yet assigned	no	fixed in unstable
	CVE-2023-0662	not yet assigned	no	fixed in unstable
phpldapadmin	CVE-2020-35132	not yet assigned	no	fixed in unstable
pupnp-1.8	CVE-2020-13848	not yet assigned	no	unstable is vulnerable
	CVE-2021-28302	not yet assigned	no	unstable is vulnerable
	CVE-2021-29462	not yet assigned	no	unstable is vulnerable
py7zr	CVE-2022-44900	not yet assigned	no	unstable is vulnerable
pymatgen	CVE-2022-42964	not yet assigned	no	unstable is vulnerable
python-cmarkgfm	CVE-2020-5238	not yet assigned	no	unstable is vulnerable
	CVE-2022-39209	not yet assigned	no	unstable is vulnerable
	CVE-2023-22483	not yet assigned	no	unstable is vulnerable
	CVE-2023-22484	not yet assigned	no	unstable is vulnerable
	CVE-2023-22485	not yet assigned	no	unstable is vulnerable
	CVE-2023-22486	not yet assigned	no	unstable is vulnerable
python-future	CVE-2022-40899	not yet assigned	no	unstable is vulnerable
python-oslo.privsep	CVE-2022-38065	not yet assigned	no	unstable is vulnerable
python-werkzeug	CVE-2023-23934	not yet assigned	no	unstable is vulnerable
	CVE-2023-25577	not yet assigned	no	unstable is vulnerable
python3.11	CVE-2023-24329	not yet assigned	no	unstable is vulnerable
qemu	CVE-2023-1544	not yet assigned	no	unstable is vulnerable
r-cran-commonmark	CVE-2023-22483	not yet assigned	no	unstable is vulnerable
	CVE-2023-22484	not yet assigned	no	unstable is vulnerable
	CVE-2023-22485	not yet assigned	no	unstable is vulnerable
	CVE-2023-22486	not yet assigned	no	unstable is vulnerable
rails	CVE-2022-3704	not yet assigned	no	unstable is vulnerable
	CVE-2022-44566	not yet assigned	no	unstable is vulnerable
	CVE-2023-22792	not yet assigned	no	unstable is vulnerable
	CVE-2023-22794	not yet assigned	no	unstable is vulnerable
	CVE-2023-22795	not yet assigned	no	unstable is vulnerable
	CVE-2023-22796	not yet assigned	no	unstable is vulnerable
	CVE-2023-23913	not yet assigned	?	unstable is vulnerable
	CVE-2023-28120	not yet assigned	?	unstable is vulnerable
rbenv	CVE-2017-1000047	not yet assigned	no	unstable is vulnerable
redis	CVE-2022-35977	not yet assigned	no	fixed in unstable
	CVE-2022-36021	not yet assigned	no	fixed in unstable
	CVE-2023-22458	not yet assigned	no	fixed in unstable
	CVE-2023-25155	not yet assigned	no	fixed in unstable
	CVE-2023-28425	not yet assigned	no	unstable is vulnerable
ruby-asciidoctor-include-ext	CVE-2022-24803	not yet assigned	no	fixed in unstable
ruby-commonmarker	CVE-2022-39209	not yet assigned	no	unstable is vulnerable
	CVE-2023-22483	not yet assigned	no	unstable is vulnerable
	CVE-2023-22484	not yet assigned	no	unstable is vulnerable
	CVE-2023-22485	not yet assigned	no	unstable is vulnerable
	CVE-2023-22486	not yet assigned	no	unstable is vulnerable
ruby-rack	CVE-2023-27530	not yet assigned	no	unstable is vulnerable
	CVE-2023-27539	not yet assigned	?	unstable is vulnerable
ruby-xmlhash	CVE-2022-21949	not yet assigned	no	fixed in unstable
runc	CVE-2023-27561	not yet assigned	no	unstable is vulnerable
rust-lock-api-0.1	CVE-2020-35910	not yet assigned	no	unstable is vulnerable
	CVE-2020-35911	not yet assigned	no	unstable is vulnerable
	CVE-2020-35912	not yet assigned	no	unstable is vulnerable
	CVE-2020-35913	not yet assigned	no	unstable is vulnerable
	CVE-2020-35914	not yet assigned	no	unstable is vulnerable
rust-prettytable-rs	TEMP-1027282-04F215	not yet assigned	?	fixed in unstable
rust-remove-dir-all	TEMP-0000000-3A226A	not yet assigned	?	unstable is vulnerable
rust-rgb	CVE-2020-25016	not yet assigned	no	fixed in unstable
shiro	CVE-2019-12422	low	no	unstable is vulnerable
sofia-sip	CVE-2022-47516	not yet assigned	no	unstable is vulnerable
stellarium	CVE-2023-28371	not yet assigned	no	unstable is vulnerable
svgpp	CVE-2021-44960	not yet assigned	no	fixed in unstable
teeworlds	CVE-2021-43518	not yet assigned	no	fixed in unstable
thrift	CVE-2019-11939	not yet assigned	no	unstable is vulnerable
tidy-html5	CVE-2021-33391	not yet assigned	no	unstable is vulnerable
tomcat9	CVE-2023-28708	not yet assigned	no	unstable is vulnerable
upx-ucl	CVE-2023-23456	not yet assigned	no	unstable is vulnerable
vim	CVE-2023-0054	not yet assigned	no	fixed in unstable
	CVE-2023-1175	not yet assigned	no	fixed in unstable
vtk9	CVE-2021-42521	not yet assigned	no	unstable is vulnerable
wireshark	CVE-2023-1161	not yet assigned	no	unstable is vulnerable
wordpress	CVE-2022-3590	not yet assigned	no	unstable is vulnerable
xdg-utils	CVE-2020-27748	not yet assigned	no	unstable is vulnerable
	CVE-2022-4055	not yet assigned	no	unstable is vulnerable
xen	CVE-2022-42331	not yet assigned	no	unstable is vulnerable
	CVE-2022-42332	not yet assigned	no	unstable is vulnerable
	CVE-2022-42333	not yet assigned	no	unstable is vulnerable
	CVE-2022-42334	not yet assigned	no	unstable is vulnerable

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.