Bugs with TODO items

| Bug | Description | Note |
| --- | --- | --- |
| CVE-2017-2910 | An exploitable Out-of-bounds Write vulnerability exists in the xls_add ... | check |
| CVE-2020-11987 | Apache Batik 1.13 is vulnerable to server-side request forgery, caused ... | check fixing commits |
| CVE-2020-11988 | Apache XmlGraphics Commons 2.4 is vulnerable to server-side request fo ... | check fixing commits |
| CVE-2020-11997 | Apache Guacamole 1.2.0 and earlier do not consistently restrict access ... | check details, both guacamole-client and guacamole-server affected? |
| CVE-2020-13697 | An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2 ... | check |
| CVE-2020-14409 | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow ... | check libsdl1.2 |
| CVE-2020-24502 | Improper input validation in some Intel(R) Ethernet E810 Adapter drive ... | checking, might affect src:linux, ice drivers |
| CVE-2020-24503 | Insufficient access control in some Intel(R) Ethernet E810 Adapter dri ... | checking, might affect src:linux, ice drivers |
| CVE-2020-24504 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapt ... | checking, might affect src:linux, ice drivers |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... | check |
| CVE-2020-27543 | The restify-paginate package 0.0.5 for Node.js allows remote attackers ... | check |
| CVE-2020-27637 | The R programming language’s default package manager CRAN is aff ... | check details |
| CVE-2020-35132 | An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that a ... | check, unclear that the issue is completely fixed, cf. https://github.com/leenooks/phpLDAPadmin/issues/130#issuecomment-745152260 |
| CVE-2020-35875 | An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ... | check |
| CVE-2020-35922 | An issue was discovered in the mio crate before 0.7.6 for Rust. It has ... | check |
| CVE-2020-36240 | The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, a ... | check |
| CVE-2020-3702 | u'Specifically timed and handcrafted traffic can cause internal errors ... | check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/ |
| CVE-2021-0366 | In vpu, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0367 | In vpu, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0401 | In vow, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0402 | In jpeg, there is a possible out of bounds write due to improper input ... | check |
| CVE-2021-0403 | In netdiag, there is a possible information disclosure due to a missin ... | check |
| CVE-2021-0404 | In mobile_log_d, there is a possible information disclosure due to imp ... | check |
| CVE-2021-0405 | In performance driver, there is a possible out of bounds write due to ... | check |
| CVE-2021-0406 | In cameraisp, there is a possible out of bounds write due to a missing ... | check |
| CVE-2021-20201 | Client initiated renegotiation denial of service | check details |
| CVE-2021-20206 | | check details, impact on docker.io? |
| CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ... | CVE for incomplete fix for CVE-2020-10687 but not clear if affected any Debian released version |
| CVE-2021-20243 | Division by zero in GetResizeFilterWeight in MagickCore/resize.c | check |
| CVE-2021-20327 | A specific version of the Node.js mongodb-client-encryption module doe ... | check |
| CVE-2021-21297 | Node-Red is a low-code programming for event-driven applications built ... | check |
| CVE-2021-21298 | Node-Red is a low-code programming for event-driven applications built ... | check |
| CVE-2021-21320 | matrix-react-sdk is an npm package which is a Matrix SDK for React Jav ... | check |
| CVE-2021-21321 | fastify-reply-from is an npm package which is a fastify plugin to forw ... | check |
| CVE-2021-21322 | fastify-http-proxy is an npm package which is a fastify plugin for pro ... | check |
| CVE-2021-21328 | Vapor is a web framework for Swift. In Vapor before version 4.40.1, th ... | check |
| CVE-2021-21517 | SRS Policy Manager 6.X is affected by an XML External Entity Injection ... | check |
| CVE-2021-21974 | OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESX ... | check |
| CVE-2021-22114 | Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versio ... | check |
| CVE-2021-23336 | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ... | check Py2 status |
| CVE-2021-23345 | All versions of package github.com/thecodingmachine/gotenberg are vuln ... | check |
| CVE-2021-25914 | Prototype pollution vulnerability in 'object-collider' versions 1.0.0 ... | check |
| CVE-2021-27804 | JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. ... | check |
| CVE-2021-27884 | Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ... | check |
| CVE-2021-3283 | HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task d ... | check details |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |
