Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-5416medium**yes
abiwordCVE-2017-17529medium**yes
accountsserviceCVE-2012-6655low?
aodhCVE-2017-12440medium**yes
apng2gifCVE-2017-6960medium**yes
CVE-2017-6961medium**yes
CVE-2017-6962medium**yes
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
aubioCVE-2017-17054medium**yes
CVE-2017-17554lowyes
CVE-2017-17555lowyes
awstatsCVE-2017-1000501high**yes
backintimeCVE-2017-16667high**yes
bareosCVE-2017-14610medium**no
binutilsCVE-2017-13716lowyes
CVE-2017-14930high**yes
CVE-2017-14932medium**yes
CVE-2017-14933medium**yes
CVE-2017-14934medium**yes
CVE-2017-14938medium**yes
CVE-2017-14939medium**yes
CVE-2017-14940medium**yes
CVE-2017-15020medium**yes
CVE-2017-15021medium**yes
CVE-2017-15022medium**yes
CVE-2017-15023medium**yes
CVE-2017-15024medium**yes
CVE-2017-15025medium**yes
CVE-2017-15225medium**yes
CVE-2017-15938medium**yes
CVE-2017-15996medium**yes
CVE-2017-16826medium**yes
CVE-2017-16827medium**yes
CVE-2017-16828medium**yes
CVE-2017-16829medium**yes
CVE-2017-16830medium**yes
CVE-2017-16831medium**yes
CVE-2017-16832medium**yes
CVE-2017-17080medium**yes
CVE-2017-17121medium**yes
CVE-2017-17122medium**yes
CVE-2017-17123medium**yes
CVE-2017-17124medium**yes
CVE-2017-17125medium**yes
CVE-2017-17126medium**yes
bluezCVE-2016-9797medium**yes
CVE-2016-9798medium**yes
CVE-2016-9799medium**yes
CVE-2016-9800medium**yes
CVE-2016-9801medium**yes
CVE-2016-9802medium**yes
CVE-2016-9803medium**yes
CVE-2016-9804medium**yes
CVE-2016-9917medium**yes
CVE-2016-9918medium**yes
bundlerCVE-2016-7954high**yes
byzanzCVE-2015-2785lowyes
cairoCVE-2017-7475lowyes
CVE-2017-9814lowyes
cephCVE-2017-7519not yet assigned?
check-mkCVE-2017-9781medium**yes
chefCVE-2015-8559medium**yes
chromium-browserCVE-2017-15429not yet assigned?
cobblerCVE-2016-9605not yet assigned?
CVE-2017-1000469high**yes
collectdCVE-2017-16820high**yes
coreutilsCVE-2016-2781low**no
cronCVE-2017-9525medium**no
dcrawCVE-2015-8366not yet assigned?
docker.ioCVE-2017-16539medium**yes
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
CVE-2017-12583medium**yes
CVE-2017-12979medium**yes
CVE-2017-12980medium**yes
dolibarrCVE-2017-14238high**yes
CVE-2017-14239low**yes
CVE-2017-14240medium**yes
CVE-2017-14241low**yes
CVE-2017-14242high**yes
CVE-2017-17897high**yes
CVE-2017-17898medium**yes
CVE-2017-17899high**yes
CVE-2017-17900high**yes
CVE-2017-17971medium**yes
CVE-2017-9840medium**yes
exiv2CVE-2017-1000126medium**yes
CVE-2017-1000127medium**yes
CVE-2017-1000128medium**yes
CVE-2017-11336medium**yes
CVE-2017-11337medium**yes
CVE-2017-11338medium**yes
CVE-2017-11339medium**yes
CVE-2017-11340medium**yes
CVE-2017-11553lowyes
CVE-2017-11591lowyes
CVE-2017-11683lowyes
CVE-2017-12955medium**yes
CVE-2017-12956medium**yes
CVE-2017-14857medium**yes
CVE-2017-14859medium**yes
CVE-2017-14860medium**yes
CVE-2017-14862medium**yes
CVE-2017-14863medium**yes
CVE-2017-14864medium**yes
CVE-2017-14865medium**yes
CVE-2017-17669medium**yes
CVE-2017-18005medium**yes
ffmpegCVE-2017-14034medium**yes
firmware-nonfree (non-free)CVE-2017-9417high**yes
fontforgeCVE-2017-11570lowyes
CVE-2017-11573lowyes
freeipaCVE-2015-5179medium**yes
CVE-2017-11191medium**yes
gcabCVE-2018-5345not yet assignedno
gdk-pixbufCVE-2017-6312lowyes
CVE-2017-6313lowyes
CVE-2017-6314lowyes
gdm3CVE-2016-1000002low?
ghostscriptCVE-2016-10317medium**yes
gitlabCVE-2017-0915not yet assigned?
CVE-2017-0916not yet assigned?
CVE-2017-0917not yet assigned?
CVE-2017-0918not yet assigned?
CVE-2017-0923not yet assigned?
CVE-2017-0925not yet assigned?
CVE-2017-0926not yet assigned?
CVE-2017-0927not yet assigned?
CVE-2018-3710not yet assigned?
gksuCVE-2014-2886medium**yes
glibcCVE-2016-10228medium**yes
CVE-2017-8804high**yes
golang-1.7CVE-2017-15041high**yes
CVE-2017-15042medium**yes
guacamole-clientCVE-2016-1566low**yes
hdf5CVE-2017-17505medium**yes
CVE-2017-17506medium**yes
CVE-2017-17507medium**yes
CVE-2017-17508medium**yes
CVE-2017-17509medium**yes
hesiodCVE-2016-10151lowno
CVE-2016-10152lowyes
icinga2CVE-2017-16933lowno
icuCVE-2017-15422not yet assigned?
CVE-2017-17484high**yes
imagemagickCVE-2017-1000445medium**yes
CVE-2017-1000476high**yes
CVE-2017-12140lowyes
CVE-2017-12674lowyes
CVE-2017-12691lowyes
CVE-2017-12692lowyes
CVE-2017-12693lowyes
CVE-2017-12875lowyes
CVE-2017-12877medium**yes
CVE-2017-12983medium**yes
CVE-2017-13061medium**yes
CVE-2017-13133lowyes
CVE-2017-13134medium**yes
CVE-2017-13758medium**yes
CVE-2017-13768lowyes
CVE-2017-13769lowyes
CVE-2017-14060lowyes
CVE-2017-14172lowyes
CVE-2017-14173lowyes
CVE-2017-14174lowyes
CVE-2017-14175lowyes
CVE-2017-14224medium**yes
CVE-2017-14249lowyes
CVE-2017-14341lowyes
CVE-2017-14400lowyes
CVE-2017-14505lowyes
CVE-2017-14528medium**yes
CVE-2017-14532high**yes
CVE-2017-14607lowyes
CVE-2017-14624lowyes
CVE-2017-14625lowyes
CVE-2017-14626lowyes
CVE-2017-14682medium**yes
CVE-2017-14739lowyes
CVE-2017-14741lowyes
CVE-2017-14989medium**yes
CVE-2017-15015lowyes
CVE-2017-15017lowyes
CVE-2017-15277medium**yes
CVE-2017-15281lowyes
CVE-2017-16546medium**yes
CVE-2017-17499high**yes
CVE-2017-17504medium**yes
CVE-2017-17681lowyes
CVE-2017-17682lowyes
CVE-2017-17879medium**yes
CVE-2017-17914high**yes
CVE-2018-5248medium**yes
irssiCVE-2018-5205not yet assignedno
CVE-2018-5206not yet assignedno
CVE-2018-5207not yet assignedno
CVE-2018-5208not yet assignedno
isc-dhcpCVE-2017-3144not yet assigned?
kannelCVE-2017-14609lowno
kgb-botCVE-2015-1554lowyes
kodiCVE-2017-5982medium**yes
kojiCVE-2017-1002153medium**yes
krb5CVE-2018-5709not yet assignedno
CVE-2018-5710not yet assignedno
lameCVE-2017-15019medium**yes
ldnsCVE-2017-1000231high**yes
CVE-2017-1000232high**yes
ledgerCVE-2017-12481lowyes
CVE-2017-12482lowyes
CVE-2017-2807lowyes
CVE-2017-2808lowyes
libaoCVE-2017-11548lowyes
libapache-poi-javaCVE-2017-5644high**yes
libapache2-mod-nssCVE-2015-3277medium**yes
libarchiveCVE-2017-14501medium**yes
CVE-2017-14502medium**yes
CVE-2017-14503medium**yes
libcrocoCVE-2017-8834lowyes
CVE-2017-8871lowyes
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libdbd-mysql-perlCVE-2017-10788high**yes
CVE-2017-10789medium**yes
libgcCVE-2016-9427high**yes
libgd2CVE-2018-5711not yet assignedno
libicalCVE-2016-5824medium**yes
CVE-2016-5825medium**yes
CVE-2016-5826medium**yes
CVE-2016-5827medium**yes
CVE-2016-9584medium**yes
libjgroups-javaCVE-2016-2141lowyes
libjpeg-turboCVE-2017-15232lowyes
libnet-server-perlCVE-2013-1841lowyes
libpodofoCVE-2017-6841medium**yes
CVE-2017-6845medium**yes
CVE-2017-6846medium**yes
CVE-2017-6849medium**yes
CVE-2017-8053medium**yes
CVE-2017-8054medium**yes
CVE-2017-8378high**yes
CVE-2018-5295not yet assignedno
CVE-2018-5296not yet assignedno
CVE-2018-5308not yet assignedno
CVE-2018-5309not yet assignedno
CVE-2018-5783not yet assignedno
librsyncCVE-2014-8242lowyes
libsassCVE-2017-10687lowyes
CVE-2017-11341medium**yes
CVE-2017-11342medium**yes
CVE-2017-11554medium**yes
CVE-2017-11555medium**yes
CVE-2017-11556medium**yes
CVE-2017-11605medium**yes
CVE-2017-11608medium**yes
CVE-2017-12962lowyes
CVE-2017-12963lowyes
CVE-2017-12964lowyes
libsndfileCVE-2017-14245lowyes
CVE-2017-14246lowyes
CVE-2017-14634medium**yes
CVE-2017-17456lowyes
CVE-2017-17457lowyes
libui-dialog-perlCVE-2008-7315high**yes
libvirtCVE-2018-5748not yet assigned?
libvorbisCVE-2017-11333lowyes
CVE-2017-14160medium**yes
libxfontCVE-2017-16611lowno
libxml-twig-perlCVE-2016-9180lowyes
libxml2CVE-2016-9318medium**yes
CVE-2017-16932medium**yes
libytnefCVE-2017-12141lowyes
CVE-2017-12142lowyes
CVE-2017-12144medium**yes
CVE-2017-9146medium**yes
CVE-2017-9470lowyes
CVE-2017-9471lowyes
CVE-2017-9472lowyes
CVE-2017-9473lowyes
CVE-2017-9474lowyes
libzipCVE-2017-14107lowyes
lilypondCVE-2017-17523medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-8660lowno
CVE-2017-1000379high**no
CVE-2017-17975medium**no
CVE-2017-5715medium**no
CVE-2017-5753medium**no
CVE-2018-1000004not yet assignedno
CVE-2018-5332not yet assignedno
CVE-2018-5333not yet assignedno
CVE-2018-5344not yet assignedno
CVE-2018-5703not yet assignedno
lrzipCVE-2017-8844medium**yes
CVE-2017-8846medium**yes
CVE-2017-9928medium**yes
CVE-2017-9929medium**yes
CVE-2018-5650not yet assignedno
CVE-2018-5747not yet assignedno
CVE-2018-5786not yet assignedno
mariadb-10.1CVE-2017-15365not yet assigned?
mariadb-10.2CVE-2017-10268low**no
CVE-2017-10286low**yes
CVE-2017-10320medium**yes
CVE-2017-10365medium**yes
CVE-2017-10378medium**yes
CVE-2017-10379medium**yes
CVE-2017-10384medium**yes
CVE-2017-15365not yet assigned?
CVE-2017-3257medium**yes
CVE-2017-3636medium**no
CVE-2017-3641medium**yes
CVE-2017-3653low**yes
mcollectiveCVE-2016-2788high**yes
CVE-2017-2292high**yes
mimedefangCVE-2017-14102medium**no
miniupnpdCVE-2017-1000494not yet assignedno
mp3spltCVE-2017-5666medium**yes
mpg321CVE-2017-11552medium**yes
mrubyCVE-2017-9527lowyes
mupdfCVE-2017-17866medium**yes
CVE-2018-5686not yet assignedno
mysql-5.7CVE-2018-2565not yet assignedno
CVE-2018-2573not yet assignedno
CVE-2018-2576not yet assignedno
CVE-2018-2583not yet assignedno
CVE-2018-2586not yet assignedno
CVE-2018-2590not yet assignedno
CVE-2018-2600not yet assignedno
CVE-2018-2612not yet assignedno
CVE-2018-2622not yet assignedno
CVE-2018-2640not yet assignedno
CVE-2018-2645medium**yes
CVE-2018-2646medium**yes
CVE-2018-2647high**yes
CVE-2018-2665medium**yes
CVE-2018-2667not yet assignedno
CVE-2018-2668not yet assignedno
CVE-2018-2696not yet assignedno
CVE-2018-2703not yet assignedno
mysql-connector-netCVE-2017-10203medium**yes
CVE-2017-10277medium**yes
CVE-2018-2585not yet assignedno
mysql-workbenchCVE-2017-3469lowyes
netbeansCVE-2016-5537medium**no
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
node-tough-cookieCVE-2017-15010medium**yes
npmCVE-2016-3956medium**yes
nvidia-graphics-drivers (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
obs-buildCVE-2017-14804not yet assigned?
ocamlCVE-2017-9779high**no
opencvCVE-2016-1516medium**yes
CVE-2016-1517medium**yes
CVE-2017-1000450medium**yes
CVE-2017-12597medium**yes
CVE-2017-12598medium**yes
CVE-2017-12599medium**yes
CVE-2017-12600high**yes
CVE-2017-12601medium**yes
CVE-2017-12602high**yes
CVE-2017-12603medium**yes
CVE-2017-12604medium**yes
CVE-2017-12605medium**yes
CVE-2017-12606medium**yes
CVE-2017-12862medium**yes
CVE-2017-12863medium**yes
CVE-2017-12864medium**yes
CVE-2017-17760medium**yes
CVE-2017-18009medium**yes
CVE-2018-5268not yet assignedno
CVE-2018-5269not yet assignedno
openexrCVE-2017-14988medium**yes
CVE-2017-9111medium**yes
CVE-2017-9113medium**yes
CVE-2017-9114medium**yes
CVE-2017-9115medium**yes
openjdk-8CVE-2018-2579not yet assignedno
CVE-2018-2582not yet assignedno
CVE-2018-2588not yet assignedno
CVE-2018-2599not yet assignedno
CVE-2018-2602not yet assignedno
CVE-2018-2603not yet assignedno
CVE-2018-2618not yet assignedno
CVE-2018-2629not yet assignedno
CVE-2018-2633not yet assignedno
CVE-2018-2634not yet assignedno
CVE-2018-2637not yet assignedno
CVE-2018-2641not yet assignedno
CVE-2018-2657not yet assignedno
CVE-2018-2663not yet assignedno
CVE-2018-2677not yet assignedno
CVE-2018-2678not yet assignedno
CVE-2018-2679not yet assignedno
openjdk-9CVE-2018-2579not yet assignedno
CVE-2018-2582not yet assignedno
CVE-2018-2588not yet assignedno
CVE-2018-2599not yet assignedno
CVE-2018-2602not yet assignedno
CVE-2018-2603not yet assignedno
CVE-2018-2618not yet assignedno
CVE-2018-2629not yet assignedno
CVE-2018-2633not yet assignedno
CVE-2018-2634not yet assignedno
CVE-2018-2637not yet assignedno
CVE-2018-2641not yet assignedno
CVE-2018-2657not yet assignedno
CVE-2018-2663not yet assignedno
CVE-2018-2677not yet assignedno
CVE-2018-2678not yet assignedno
CVE-2018-2679not yet assignedno
openjfxCVE-2018-2581not yet assignedno
openjpeg2CVE-2017-17480high**yes
CVE-2018-5727not yet assignedno
CVE-2018-5785not yet assignedno
opensslCVE-2017-3738lowyes
oscCVE-2017-9274not yet assigned?
passengerCVE-2017-16355low**yes
pdns-recursorCVE-2018-1000003not yet assigned?
percona-xtrabackupCVE-2016-6225medium**yes
phammCVE-2017-0378medium**yes
php-casCVE-2017-1000071medium**yes
php-gettextCVE-2016-6175high**yes
php7.0CVE-2017-8923high**yes
php7.1CVE-2017-8923high**yes
phpldapadminCVE-2017-11107medium**yes
pluxmlCVE-2017-1001001low**yes
pngcrushCVE-2015-7700high**yes
policykit-1CVE-2016-2568medium**no
potraceCVE-2017-7263medium**yes
profanityCVE-2017-5592medium**yes
TEMP-0857546-8B0EB6not yet assigned?
puppet-module-puppetlabs-apacheCVE-2017-2299medium**yes
pyradCVE-2013-0342low?
python-numpyCVE-2017-12852medium**yes
python-pysaml2CVE-2016-10127lowyes
CVE-2017-1000246medium**yes
CVE-2017-1000433medium**yes
python-restkitCVE-2015-2674medium**yes
python-scrapyCVE-2017-14158high**yes
qemuCVE-2017-15124not yet assignedno
CVE-2017-16845high**yes
CVE-2018-5683not yet assigned?
qt4-x11CVE-2016-10040medium**yes
qtbase-opensource-srcCVE-2016-10040medium**yes
quaggaCVE-2017-3224low?
rbenvCVE-2017-1000047high**yes
redmineCVE-2017-15568medium**yes
CVE-2017-15569medium**yes
CVE-2017-15570medium**yes
CVE-2017-15571medium**yes
CVE-2017-18026not yet assignedno
resiprocateCVE-2017-11521lowyes
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347lowyes
CVE-2016-6348lowyes
CVE-2017-7561medium**yes
rsyncCVE-2018-5764not yet assignedno
ruby-net-ldapCVE-2017-17718medium**yes
ruby2.3CVE-2017-17790high**yes
ruby2.5CVE-2017-17790high**yes
simple-xmlCVE-2017-1000190medium**yes
spice-vdagentCVE-2017-15108not yet assignedno
spipCVE-2017-15736medium**yes
swftoolsCVE-2017-1000176medium**yes
CVE-2017-1000185medium**yes
CVE-2017-16793medium**yes
CVE-2017-16797medium**yes
tcpdumpCVE-2017-16808lowyes
tiffCVE-2017-11613medium**yes
CVE-2017-17942medium**yes
CVE-2017-17973medium**yes
CVE-2018-5360not yet assignedno
CVE-2018-5784not yet assignedno
tikaCVE-2016-4434medium**yes
tinymceCVE-2012-4230lowyes
tinyproxyCVE-2017-11747low**no
tt-rssCVE-2017-16896high**yes
unboundCVE-2017-15105not yet assigned?
undertowCVE-2017-12165not yet assigned?
CVE-2017-7559not yet assignedno
util-linuxCVE-2016-2779high**no
web2pyCVE-2016-10321medium**yes
CVE-2016-4806medium**yes
CVE-2016-4807low**yes
CVE-2016-4808medium**yes
wordpressCVE-2012-6707medium**yes
x11vncTEMP-0672435-7C494Cnot yet assigned?
xenCVE-2017-17563medium**no
CVE-2017-17564medium**no
CVE-2017-17565medium**no
CVE-2017-17566medium**no
xmltoolingCVE-2018-0486not yet assignedno
yaml-cppCVE-2017-11692medium**yes
CVE-2017-5950lowyes
yaml-cpp0.3CVE-2017-11692medium**yes
CVE-2017-5950lowyes
zziplibCVE-2017-5977medium**yes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems