Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-5416medium**yes
abiwordCVE-2017-17529medium**yes
accountsserviceCVE-2012-6655low?
activemqCVE-2017-15709not yet assignedno
android-platform-system-coreCVE-2017-13156high**no
aodhCVE-2017-12440medium**yes
apng2gifCVE-2017-6960medium**yes
CVE-2017-6961medium**yes
CVE-2017-6962medium**yes
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
aubioCVE-2017-17054medium**yes
CVE-2017-17554lowyes
CVE-2017-17555lowyes
backintimeCVE-2017-16667high**yes
bareosCVE-2017-14610medium**no
binutilsCVE-2017-13716lowyes
CVE-2018-7208not yet assignedno
bluezCVE-2016-9797medium**yes
CVE-2016-9798medium**yes
CVE-2016-9799medium**yes
CVE-2016-9800medium**yes
CVE-2016-9801medium**yes
CVE-2016-9802medium**yes
CVE-2016-9803medium**yes
CVE-2016-9804medium**yes
CVE-2016-9917medium**yes
CVE-2016-9918medium**yes
bundlerCVE-2016-7954high**yes
byzanzCVE-2015-2785lowyes
cairoCVE-2017-7475lowyes
CVE-2017-9814lowyes
cephCVE-2017-7519not yet assigned?
check-mkCVE-2017-9781medium**yes
chefCVE-2015-8559medium**yes
chromium-browserCVE-2018-6056not yet assigned?
collectdCVE-2017-16820high**yes
coreutilsCVE-2016-2781low**no
cronCVE-2017-9525medium**no
dcrawCVE-2015-8366not yet assigned?
dnsmasqCVE-2017-15107medium**yes
docker.ioCVE-2017-16539medium**yes
dojoCVE-2018-6561medium**yes
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
CVE-2017-12583medium**yes
CVE-2017-12979medium**yes
CVE-2017-12980medium**yes
CVE-2017-18123not yet assignedno
dolibarrCVE-2017-1000509not yet assignedno
CVE-2017-14238high**yes
CVE-2017-14239low**yes
CVE-2017-14240medium**yes
CVE-2017-14241low**yes
CVE-2017-14242high**yes
CVE-2017-17897high**yes
CVE-2017-17898medium**yes
CVE-2017-17899high**yes
CVE-2017-17900high**yes
CVE-2017-17971medium**yes
CVE-2017-9840medium**yes
dovecotCVE-2017-15132medium**yes
exiv2CVE-2017-1000128medium**yes
CVE-2017-11591lowyes
CVE-2017-11683lowyes
CVE-2017-14859medium**yes
CVE-2017-14862medium**yes
CVE-2017-14864medium**yes
CVE-2017-17669medium**yes
CVE-2017-18005lowyes
ffmpegCVE-2018-6912lowno
firmware-nonfree (non-free)CVE-2017-9417high**yes
fmtlibCVE-2018-1000052not yet assignedno
fontforgeCVE-2017-11570lowyes
CVE-2017-11573lowyes
freeipaCVE-2015-5179medium**yes
CVE-2017-11191medium**yes
freetypeCVE-2018-6942not yet assignedno
gdk-pixbufCVE-2017-6312lowyes
CVE-2017-6313lowyes
CVE-2017-6314lowyes
gdm3CVE-2016-1000002low?
ghostscriptCVE-2016-10317medium**yes
gitlabCVE-2017-0915not yet assigned?
CVE-2017-0916not yet assigned?
CVE-2017-0917not yet assigned?
CVE-2017-0918not yet assigned?
CVE-2017-0923not yet assigned?
CVE-2017-0925not yet assigned?
CVE-2017-0926not yet assigned?
CVE-2017-0927not yet assigned?
CVE-2018-3710not yet assigned?
gksuCVE-2014-2886medium**yes
glibcCVE-2016-10228medium**yes
CVE-2017-8804high**yes
CVE-2018-6485not yet assignedno
CVE-2018-6551not yet assignedno
golang-1.10CVE-2018-7187not yet assignedno
golang-1.7CVE-2017-15041high**yes
CVE-2017-15042medium**yes
CVE-2018-6574not yet assignedno
CVE-2018-7187not yet assignedno
golang-1.8CVE-2018-6574not yet assignedno
CVE-2018-7187not yet assignedno
golang-1.9CVE-2018-7187not yet assignedno
guacamole-clientCVE-2016-1566low**yes
hdf5CVE-2017-17505medium**yes
CVE-2017-17506medium**yes
CVE-2017-17507medium**yes
CVE-2017-17508medium**yes
CVE-2017-17509medium**yes
hesiodCVE-2016-10151lowno
CVE-2016-10152lowyes
icinga2CVE-2017-16933lowno
CVE-2018-6536not yet assignedno
icuCVE-2017-15422not yet assigned?
imagemagickCVE-2017-14528medium**yes
irssiCVE-2018-5205medium**yes
CVE-2018-5206high**yes
CVE-2018-5207medium**yes
CVE-2018-5208high**yes
CVE-2018-7050not yet assignedno
CVE-2018-7051not yet assignedno
CVE-2018-7052not yet assignedno
CVE-2018-7053not yet assignedno
CVE-2018-7054not yet assignedno
isc-dhcpCVE-2017-3144not yet assigned?
jakarta-jmeterCVE-2018-1287not yet assignedno
CVE-2018-1297not yet assignedno
kannelCVE-2017-14609lowno
kgb-botCVE-2015-1554lowyes
kodiCVE-2017-5982medium**yes
kojiCVE-2017-1002153medium**yes
krb5CVE-2018-5709medium**yes
CVE-2018-5710medium**yes
lameCVE-2017-15019medium**yes
ldnsCVE-2017-1000231high**yes
CVE-2017-1000232high**yes
ledgerCVE-2017-12481lowyes
CVE-2017-12482lowyes
CVE-2017-2807lowyes
CVE-2017-2808lowyes
leptonlibCVE-2018-7247not yet assignedno
libaoCVE-2017-11548lowyes
libapache-poi-javaCVE-2017-12626not yet assignedno
CVE-2017-5644high**yes
libapache2-mod-nssCVE-2015-3277medium**yes
libarchiveCVE-2017-14501medium**yes
CVE-2017-14502medium**yes
CVE-2017-14503medium**yes
libcrocoCVE-2017-8834lowyes
CVE-2017-8871lowyes
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libgcCVE-2016-9427high**yes
libgcrypt20CVE-2018-6829not yet assignedno
libgd2CVE-2018-5711medium**yes
libicalCVE-2016-5824medium**yes
CVE-2016-5825medium**yes
CVE-2016-5826medium**yes
CVE-2016-5827medium**yes
CVE-2016-9584medium**yes
libjgroups-javaCVE-2016-2141lowyes
libjpeg-turboCVE-2017-15232lowyes
libmadCVE-2018-7263not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
libpodofoCVE-2017-6841medium**yes
CVE-2017-6845medium**yes
CVE-2017-6846medium**yes
CVE-2017-6849medium**yes
CVE-2017-8053medium**yes
CVE-2017-8054medium**yes
CVE-2017-8378high**yes
CVE-2018-5295lowyes
CVE-2018-5296lowyes
CVE-2018-5308lowyes
CVE-2018-5309lowyes
CVE-2018-5783medium**yes
CVE-2018-6352medium**yes
librsyncCVE-2014-8242lowyes
libsassCVE-2017-10687lowyes
CVE-2017-11341medium**yes
CVE-2017-11342medium**yes
CVE-2017-11554medium**yes
CVE-2017-11555medium**yes
CVE-2017-11556medium**yes
CVE-2017-11605medium**yes
CVE-2017-11608medium**yes
CVE-2017-12962lowyes
CVE-2017-12963lowyes
CVE-2017-12964lowyes
libsndfileCVE-2017-14245lowyes
CVE-2017-14246lowyes
CVE-2017-14634medium**yes
CVE-2017-17456lowyes
CVE-2017-17457lowyes
libui-dialog-perlCVE-2008-7315high**yes
libvncserverCVE-2018-7225not yet assignedno
libvorbisCVE-2017-11333lowyes
CVE-2017-14160medium**yes
libxfontCVE-2017-16611lowno
libxml-twig-perlCVE-2016-9180lowyes
libxml2CVE-2016-9318medium**yes
CVE-2017-16932medium**yes
libytnefCVE-2017-12141lowyes
CVE-2017-12142lowyes
CVE-2017-12144medium**yes
CVE-2017-9146medium**yes
CVE-2017-9470lowyes
CVE-2017-9471lowyes
CVE-2017-9472lowyes
CVE-2017-9473lowyes
CVE-2017-9474lowyes
libzipCVE-2017-14107lowyes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-8660lowno
CVE-2017-1000379high**no
CVE-2017-17975medium**no
CVE-2017-5753medium**no
CVE-2018-1000026not yet assignedno
CVE-2018-5703high**yes
CVE-2018-6412not yet assignedno
CVE-2018-7273not yet assigned?
lrzipCVE-2017-8844medium**yes
CVE-2017-8846medium**yes
CVE-2017-9928medium**yes
CVE-2017-9929medium**yes
CVE-2018-5650medium**yes
CVE-2018-5747medium**yes
CVE-2018-5786medium**yes
mariadb-10.1CVE-2017-15365medium**yes
mariadb-10.2CVE-2017-10268low**no
CVE-2017-10286low**yes
CVE-2017-10320medium**yes
CVE-2017-10365medium**yes
CVE-2017-10378medium**yes
CVE-2017-10379medium**yes
CVE-2017-10384medium**yes
CVE-2017-15365medium**yes
CVE-2017-3257medium**yes
CVE-2017-3636medium**no
CVE-2017-3641medium**yes
CVE-2017-3653low**yes
mcollectiveCVE-2016-2788high**yes
CVE-2017-2292high**yes
mimedefangCVE-2017-14102medium**no
mp3spltCVE-2017-5666medium**yes
mpg321CVE-2017-11552medium**yes
mrubyCVE-2017-9527lowyes
mupdfCVE-2017-17866medium**yes
CVE-2018-1000051not yet assignedno
CVE-2018-5686medium**yes
CVE-2018-6187medium**yes
CVE-2018-6192medium**yes
CVE-2018-6544medium**yes
myreposCVE-2018-7032not yet assignedno
mysql-connector-netCVE-2017-10203medium**yes
CVE-2017-10277medium**yes
CVE-2018-2585high**yes
mysql-workbenchCVE-2017-3469lowyes
netbeansCVE-2016-5537medium**no
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
node-tough-cookieCVE-2017-15010medium**yes
novaCVE-2017-18191not yet assignedno
npmCVE-2016-3956medium**yes
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5715medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5753medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-5754medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-304xx (non-free)CVE-2017-6272high**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6266medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6267medium**no
nvidia-graphics-drivers-legacy-340xx (non-free)CVE-2017-6272high**no
obs-buildCVE-2017-14804not yet assigned?
ocamlCVE-2017-9779high**no
opencvCVE-2016-1516medium**yes
CVE-2016-1517medium**yes
CVE-2017-1000450medium**yes
CVE-2017-12597medium**yes
CVE-2017-12598medium**yes
CVE-2017-12599medium**yes
CVE-2017-12600high**yes
CVE-2017-12601medium**yes
CVE-2017-12602high**yes
CVE-2017-12603medium**yes
CVE-2017-12604medium**yes
CVE-2017-12605medium**yes
CVE-2017-12606medium**yes
CVE-2017-12862medium**yes
CVE-2017-12863medium**yes
CVE-2017-12864medium**yes
CVE-2017-17760medium**yes
CVE-2017-18009medium**yes
CVE-2018-5268medium**yes
CVE-2018-5269medium**yes
openexrCVE-2017-14988medium**yes
CVE-2017-9111medium**yes
CVE-2017-9113medium**yes
CVE-2017-9114medium**yes
CVE-2017-9115medium**yes
openjdk-8CVE-2018-2579medium**yes
CVE-2018-2582medium**yes
CVE-2018-2588medium**yes
CVE-2018-2599medium**yes
CVE-2018-2602low**no
CVE-2018-2603medium**yes
CVE-2018-2618medium**yes
CVE-2018-2629low**yes
CVE-2018-2633medium**yes
CVE-2018-2634medium**yes
CVE-2018-2637medium**yes
CVE-2018-2641low**yes
CVE-2018-2657medium**yes
CVE-2018-2663medium**yes
CVE-2018-2677medium**yes
CVE-2018-2678medium**yes
CVE-2018-2679medium**yes
openjdk-9CVE-2018-2579medium**yes
CVE-2018-2582medium**yes
CVE-2018-2588medium**yes
CVE-2018-2599medium**yes
CVE-2018-2602low**no
CVE-2018-2603medium**yes
CVE-2018-2618medium**yes
CVE-2018-2629low**yes
CVE-2018-2633medium**yes
CVE-2018-2634medium**yes
CVE-2018-2637medium**yes
CVE-2018-2641low**yes
CVE-2018-2657medium**yes
CVE-2018-2663medium**yes
CVE-2018-2677medium**yes
CVE-2018-2678medium**yes
CVE-2018-2679medium**yes
openjfxCVE-2018-2581medium**yes
openjpeg2CVE-2017-17480high**yes
CVE-2018-5727lowyes
CVE-2018-5785lowyes
CVE-2018-6616not yet assignedno
opensslCVE-2017-3738lowyes
passengerCVE-2017-16355low**yes
percona-xtrabackupCVE-2016-6225medium**yes
phammCVE-2017-0378medium**yes
php-casCVE-2017-1000071medium**yes
php-gettextCVE-2016-6175high**yes
php7.0CVE-2015-9253not yet assignedno
CVE-2017-8923high**yes
php7.1CVE-2015-9253not yet assignedno
CVE-2017-8923high**yes
php7.2CVE-2015-9253not yet assignedno
phpldapadminCVE-2017-11107medium**yes
pluxmlCVE-2017-1001001low**yes
pngcrushCVE-2015-7700high**yes
policykit-1CVE-2016-2568medium**no
potraceCVE-2017-7263medium**yes
poundCVE-2016-10711not yet assignedno
profanityTEMP-0857546-8B0EB6not yet assigned?
puppetCVE-2017-10689not yet assignedno
puppet-module-puppetlabs-apacheCVE-2017-2299medium**yes
CVE-2018-6508not yet assignedno
puppet-module-puppetlabs-aptCVE-2018-6508not yet assignedno
puppet-module-puppetlabs-mysqlCVE-2018-6508not yet assignedno
pycryptodomeCVE-2018-6594not yet assignedno
pyradCVE-2013-0342low?
python-cryptoCVE-2018-6594not yet assignedno
python-numpyCVE-2017-12852medium**yes
python-pysaml2CVE-2016-10127lowyes
CVE-2017-1000246medium**yes
CVE-2017-1000433medium**yes
python-restkitCVE-2015-2674medium**yes
python-scrapyCVE-2017-14158high**yes
qemuCVE-2017-15124high**yes
CVE-2017-16845high**yes
CVE-2018-5683low**no
qt4-x11CVE-2016-10040medium**yes
qtbase-opensource-srcCVE-2016-10040medium**yes
quaggaCVE-2017-3224low?
CVE-2018-5378not yet assignedno
CVE-2018-5379not yet assignedno
CVE-2018-5380not yet assignedno
CVE-2018-5381not yet assignedno
rbenvCVE-2017-1000047high**yes
redmineCVE-2017-15568medium**yes
CVE-2017-15569medium**yes
CVE-2017-15570medium**yes
CVE-2017-15571medium**yes
CVE-2017-18026medium**yes
resiprocateCVE-2017-11521lowyes
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347lowyes
CVE-2016-6348lowyes
CVE-2017-7561medium**yes
rsyncCVE-2018-5764medium**yes
ruby-net-ldapCVE-2017-17718medium**yes
ruby2.3CVE-2017-17790high**yes
ruby2.5CVE-2017-17790high**yes
shadowCVE-2018-7169not yet assignedno
simple-xmlCVE-2017-1000190medium**yes
spice-vdagentCVE-2017-15108medium**no
spipCVE-2017-15736medium**yes
swftoolsCVE-2017-1000176medium**yes
CVE-2017-1000185medium**yes
CVE-2017-16793medium**yes
CVE-2017-16797medium**yes
systemdCVE-2018-6954not yet assignedno
tcpdumpCVE-2017-16808lowyes
thrift-compilerCVE-2016-5397not yet assignedno
tiffCVE-2017-11613lowyes
CVE-2017-17942medium**yes
CVE-2017-17973medium**yes
CVE-2018-5360medium**yes
tikaCVE-2016-4434medium**yes
tinymceCVE-2012-4230lowyes
tinyproxyCVE-2017-11747low**no
tt-rssCVE-2017-16896high**yes
unboundCVE-2017-15105medium**yes
undertowCVE-2017-12165not yet assigned?
CVE-2017-7559medium**yes
unzipCVE-2018-1000035not yet assignedno
util-linuxCVE-2016-2779high**no
vnctermCVE-2018-7226not yet assignedno
wavpackCVE-2018-6767not yet assignedno
CVE-2018-7253not yet assignedno
CVE-2018-7254not yet assignedno
waylandCVE-2017-16612medium**yes
web2pyCVE-2016-10321medium**yes
CVE-2016-4806medium**yes
CVE-2016-4807low**yes
CVE-2016-4808medium**yes
wordpressCVE-2012-6707medium**yes
CVE-2018-6389not yet assignedno
x11vncTEMP-0672435-7C494Cnot yet assigned?
xenCVE-2017-17563medium**no
CVE-2017-17564medium**no
CVE-2017-17565medium**no
CVE-2017-17566medium**no
yaml-cppCVE-2017-11692medium**yes
CVE-2017-5950lowyes
yaml-cpp0.3CVE-2017-11692medium**yes
CVE-2017-5950lowyes
zziplibCVE-2017-5977medium**yes
CVE-2018-6381medium**yes
CVE-2018-6484medium**yes
CVE-2018-6540medium**yes
CVE-2018-6541medium**yes
CVE-2018-6542medium**yes
CVE-2018-6869not yet assignedno

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems