Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
9baseCVE-2014-1935low?
accountsserviceCVE-2012-6655low?
acidbaseCVE-2012-1017lowyes
activemqCVE-2014-3576not yet assigned?
android-toolsCVE-2012-5564low**no
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
asteriskCVE-2015-3008medium**yes
atticCVE-2015-4082not yet assigned?
automake-1.14TEMP-0760455-22ED59low?
axis2cCVE-2012-5351lowyes
CVE-2012-6107medium**yes
binutilsTEMP-0000000-A2945Bnot yet assigned?
blenderCVE-2010-5105lowno
byzanzCVE-2015-2785lowyes
chickenCVE-2014-9651not yet assigned?
CVE-2015-4556not yet assigned?
chromium-browserTEMP-0000000-1F1692low?
cinderCVE-2013-2255not yet assigned?
cobblerCVE-2011-1551medium**no
couchdbCVE-2014-2668lowyes
courierTEMP-0000000-116B28not yet assigned?
cyasslCVE-2011-3389medium**yes
CVE-2014-2901not yet assigned?
CVE-2014-2902not yet assigned?
CVE-2014-2903not yet assigned?
CVE-2014-2904not yet assigned?
CVE-2014-3566medium**yes
CVE-2014-6491high**yes
CVE-2014-6494medium**yes
CVE-2014-6495medium**yes
CVE-2014-6496medium**yes
CVE-2014-6500high**yes
TEMP-0000000-2D36D7not yet assigned?
dcrawCVE-2015-3885medium**yes
debian-installerTEMP-0788634-523580low?
designateCVE-2015-5694not yet assigned?
CVE-2015-5695not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
djvulibreTEMP-0775193-7F000Enot yet assigned?
dolibarrCVE-2015-3935medium**yes
duplicityCVE-2014-3495low?
elixirCVE-2012-2146lowyes
encfsCVE-2014-3462low?
extplorerCVE-2013-5951low**yes
CVE-2015-0896medium**yes
eyed3CVE-2014-1934lowno
facterCVE-2015-1426low**no
fckeditorCVE-2014-4037lowyes
freeimageCVE-2015-3885medium**yes
freeradiusCVE-2015-4680not yet assigned?
fuseisoTEMP-0779047-8CABD5not yet assigned?
TEMP-0779047-E29D8Enot yet assigned?
gcc-4.6CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gksuCVE-2014-2886medium**yes
glanceCVE-2015-3289not yet assigned?
glibcCVE-2013-2207lowno
CVE-2014-8121lowyes
CVE-2015-1781not yet assigned?
TEMP-0779587-B973D8not yet assigned?
TEMP-0779587-F20A8Anot yet assigned?
gnome-orcaCVE-2013-4245not yet assigned?
groovyCVE-2015-3253not yet assigned?
gst-plugins-bad0.10CVE-2015-0797medium**yes
haCVE-2015-1198low?
haskell-tlsCVE-2013-0169low**yes
hexchatTEMP-0776609-026A07not yet assigned?
hhvmCVE-2014-9714medium**yes
CVE-2015-3413not yet assigned?
CVE-2015-4024medium**yes
CVE-2015-4663not yet assigned?
hplipCVE-2015-0839not yet assigned?
htTEMP-0773308-EE1012low?
icedoveCVE-2015-2721medium**yes
CVE-2015-2724high**yes
CVE-2015-2725high**yes
CVE-2015-2726high**yes
CVE-2015-2731high**yes
CVE-2015-2734high**yes
CVE-2015-2735high**yes
CVE-2015-2736high**yes
CVE-2015-2737high**yes
CVE-2015-2738high**yes
CVE-2015-2739high**yes
CVE-2015-2740high**yes
CVE-2015-2741medium**yes
icuTEMP-0000000-7586EDnot yet assigned?
imagemagickTEMP-0000000-2FC21Elow?
TEMP-0000000-7C079Fnot yet assigned?
TEMP-0000000-EEF23Clow?
TEMP-0000000-FDAC72not yet assigned?
ipythonCVE-2015-4707not yet assigned?
CVE-2015-5607not yet assigned?
jenkinsCVE-2014-3665not yet assigned?
CVE-2015-1806not yet assigned?
CVE-2015-1807not yet assigned?
CVE-2015-1808not yet assigned?
CVE-2015-1809not yet assigned?
CVE-2015-1810not yet assigned?
CVE-2015-1811not yet assigned?
CVE-2015-1812not yet assigned?
CVE-2015-1813not yet assigned?
CVE-2015-1814not yet assigned?
jythonCVE-2013-2027lowno
kde-workspaceCVE-2015-1308lowyes
kdepimCVE-2014-8878not yet assigned?
kdeplasma-addonsCVE-2013-2120low?
kexec-toolsTEMP-0766772-93FAA3not yet assigned?
kfreebsd-10CVE-2011-2393lowyes
kgbCVE-2015-1192medium**yes
kodiCVE-2015-3885medium**yes
libarchiveTEMP-0784213-45868Blow?
libavCVE-2015-1872medium**yes
CVE-2015-5479low?
libblurayTEMP-0000000-EA424Anot yet assigned?
libcsoapCVE-2015-2297not yet assigned?
libdata-uuid-perlCVE-2013-4184low?
libhibernate-validator-javaCVE-2014-3558lowyes
libhtpTEMP-0774897-BC9A31not yet assigned?
TEMP-0777522-650525not yet assigned?
TEMP-0783007-4C0B51not yet assigned?
libjbcrypt-javaCVE-2015-0886medium**yes
libmp3-info-perlCVE-2013-6499not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
librsyncCVE-2014-8242low?
libspring-javaCVE-2014-3578lowyes
CVE-2014-3625medium**yes
libsshCVE-2015-3146not yet assigned?
libuserCVE-2015-3245not yet assigned?
CVE-2015-3246not yet assigned?
libxerces2-javaCVE-2012-0881low?
libxml2CVE-2015-1819low?
TEMP-0782985-586F49not yet assigned?
TEMP-0783010-C482B4not yet assigned?
lighttpdCVE-2015-3200lowyes
linuxCVE-2015-1333not yet assigned?
CVE-2015-1350not yet assigned?
CVE-2015-2925not yet assigned?
CVE-2015-5697not yet assigned?
CVE-2015-5707not yet assigned?
llvm-toolchain-3.4CVE-2015-2305lowyes
llvm-toolchain-3.5CVE-2015-2305lowyes
llvm-toolchain-3.6CVE-2015-2305medium**yes
llvm-toolchain-snapshotCVE-2015-2305medium**yes
midgard2-coreCVE-2014-8148high**no
mini-httpdCVE-2015-1548medium**yes
mplayerCVE-2013-6933lowyes
muttTEMP-0775199-D05A9Elow?
mysql-5.5CVE-2015-0499low**yes
CVE-2015-0501medium**yes
CVE-2015-0505low**yes
CVE-2015-2571medium**yes
CVE-2015-2582medium**yes
CVE-2015-2620medium**yes
CVE-2015-2643medium**yes
CVE-2015-2648medium**yes
CVE-2015-4737low**yes
CVE-2015-4752medium**yes
nagios3CVE-2013-7107lowyes
CVE-2013-7108lowyes
CVE-2013-7205lowyes
net-snmpCVE-2015-5621not yet assigned?
nettyCVE-2015-2156not yet assigned?
netty-3.9CVE-2015-2156not yet assigned?
network-managerCVE-2012-1096low?
CVE-2015-2924not yet assigned?
newlibCVE-2015-2305medium**yes
nodeCVE-2015-2927not yet assigned?
novaCVE-2013-2255not yet assigned?
CVE-2015-1850not yet assigned?
CVE-2015-2687low?
CVE-2015-3241not yet assigned?
nssCVE-2015-4000medium**yes
ntopCVE-2014-4165medium**yes
opencryptokiCVE-2012-4454lowyes
CVE-2012-4455lowno
openhpiCVE-2015-3248not yet assigned?
openjdk-6CVE-2012-5373lowyes
CVE-2014-8873high?
CVE-2015-2590high**yes
CVE-2015-2601medium**yes
CVE-2015-2613medium**yes
CVE-2015-2621medium**yes
CVE-2015-2625low**yes
CVE-2015-2628high**yes
CVE-2015-2632medium**yes
CVE-2015-2808medium**yes
CVE-2015-4000medium**yes
CVE-2015-4731high**yes
CVE-2015-4732high**yes
CVE-2015-4733high**yes
CVE-2015-4748high**yes
CVE-2015-4749medium**yes
CVE-2015-4760high**yes
openjdk-7CVE-2012-5373lowyes
openjdk-8CVE-2014-3566medium**yes
opensshCVE-2015-5352not yet assignedno
CVE-2015-5600not yet assignedno
opensslCVE-2015-4000medium**yes
openstack-troveCVE-2015-3156low?
opus-toolsCVE-2014-9639medium**yes
pamCVE-2015-3238not yet assigned?
parallelCVE-2015-4155low**no
CVE-2015-4156low**no
passengerCVE-2013-4136medium**no
CVE-2014-1831low**no
paxCVE-2015-1193lowyes
CVE-2015-1194lowyes
pcre3CVE-2015-2326not yet assigned?
CVE-2015-3210not yet assigned?
CVE-2015-3217not yet assigned?
TEMP-0000000-5D3D68low?
TEMP-0000000-AC1BE2not yet assigned?
TEMP-0000000-DDAEEElow?
phantomjsCVE-2013-4549medium**yes
php5CVE-2013-6501medium**no
CVE-2014-5459lowno
policykit-1CVE-2015-3255not yet assigned?
CVE-2015-3256not yet assigned?
CVE-2015-4625low?
puppet-module-puppetlabs-stdlibCVE-2015-1029medium**yes
pykerberosCVE-2015-3206not yet assigned?
pyradCVE-2013-0342low?
python-restkitCVE-2015-2674not yet assigned?
python-rplyCVE-2014-1938low?
python2.7CVE-2013-7440not yet assigned?
qemuCVE-2015-3214not yet assigned?
CVE-2015-5154not yet assigned?
CVE-2015-5158not yet assigned?
CVE-2015-5165not yet assigned?
CVE-2015-5166not yet assigned?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
radare2CVE-2015-2305lowyes
railsCVE-2015-3226medium**yes
CVE-2015-3227medium**yes
rar (non-free)TEMP-0774172-B2A845not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
ropeCVE-2014-3539not yet assigned?
roundcubeCVE-2015-5381not yet assigned?
CVE-2015-5382not yet assigned?
rsyncTEMP-0786423-948688low?
ruby-bsonCVE-2015-4410not yet assigned?
ruby-jquery-railsCVE-2015-1840medium**yes
ruby-jwtTEMP-0781640-F16931not yet assigned?
ruby-omniauthTEMP-0000000-2F3E8Bnot yet assigned?
ruby-sidekiqTEMP-0000000-23C1BDnot yet assigned?
TEMP-0000000-BD209Fnot yet assigned?
TEMP-0000000-F9A459not yet assigned?
ruby2.1CVE-2009-5147not yet assigned?
ruby2.2CVE-2009-5147not yet assigned?
sogoCVE-2015-5395not yet assigned?
TEMP-0000000-9C98EFnot yet assigned?
squashfs-toolsCVE-2015-4645not yet assigned?
CVE-2015-4646not yet assigned?
tinymceCVE-2012-4230lowyes
tweepyCVE-2012-5825lowyes
unshieldCVE-2015-1386low?
vorbis-toolsCVE-2014-9639lowyes
w3afCVE-2013-2099lowyes
web2ldapCVE-2013-7258lowyes
wpaCVE-2015-4141medium**yes
CVE-2015-4142medium**yes
CVE-2015-4143medium**yes
CVE-2015-4144medium**yes
CVE-2015-4145medium**yes
CVE-2015-4146medium**yes
TEMP-0000000-3F5737not yet assigned?
xbindkeys-configCVE-2014-9513not yet assigned?
xbmcCVE-2014-3800lowno
CVE-2015-3885medium**yes
TEMP-0000000-9FAB83low?
xchatTEMP-0776609-026A07not yet assigned?
xchat-gnomeTEMP-0776609-026A07not yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenCVE-2014-9066medium**no
CVE-2015-3259lowno
CVE-2015-4163medium**no
CVE-2015-4164medium**no
CVE-2015-5165not yet assigned?
xerces-cCVE-2012-0880low?
xmltoolingCVE-2015-0851not yet assigned?
yuiCVE-2013-6780lowyes
zooTEMP-0774453-CA58EElow?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems