Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2018-9389In ip6_append_data of ip6_output.c, there is a possible way to achieve ...check, potentially src:linux upstream and not Android specific
CVE-2022-23538github.com/sylabs/scs-library-client is the Go client for the Singular ...check details, might as well affect golang-github-apptainer-container-library-client
CVE-2023-24010An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-24011An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-24012An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-26044react/http is an event-driven, streaming HTTP client and server implem ...check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected
CVE-2023-49316In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ...check if affecting ldap-account-manager or unused path
CVE-2023-50251php-svg-lib is an SVG file parsing / rendering library. Prior to versi ...check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked
CVE-2023-50252php-svg-lib is an SVG file parsing / rendering library. Prior to versi ...check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked
CVE-2023-50262Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ...check sources embedding php-dompdf if affected
CVE-2024-22420JupyterLab is an extensible environment for interactive and reproducib ...check completeness, src:jupyter-notebook?
CVE-2024-22421JupyterLab is an extensible environment for interactive and reproducib ...check completeness, src:jupyter-notebook?
CVE-2024-28180Package jose aims to provide an implementation of the Javascript Objec ...check completeness
CVE-2024-36353Insufficient clearing of GPU global memory could allow a malicious pro ...check, AMD GPU related, but unclear if src:linux
CVE-2024-57520Insecure Permissions vulnerability in asterisk v22 allows a remote att ...check upstream awareness and position
CVE-2025-1386When using the ch-go library, under a specific condition when the quer ...check
CVE-2025-3196A vulnerability, which was classified as critical, was found in Open A ...fixed upstream in master, need to identify upstream commit
CVE-2025-3406A vulnerability was found in Nothings stb up to f056911. It has been c ...check upstream
CVE-2025-3407A vulnerability was found in Nothings stb up to f056911. It has been d ...check upstream
CVE-2025-3408A vulnerability was found in Nothings stb up to f056911. It has been r ...check upstream
CVE-2025-3409A vulnerability classified as critical has been found in Nothings stb ...check upstream
CVE-2025-23090With the aid of the diagnostics_channel utility, an event can be hooke ...check, seems to be duplicate of CVE-2025-23083, verify it with CNA
CVE-2025-29787`zip` is a zip library for rust which supports reading and writing of ...check, might only be introduced in 1.3.0
CVE-2025-29923go-redis is the official Redis client library for the Go programming l ...research introducing commit, might be post 9.5.1
CVE-2025-32067Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32068Incorrect Authorization vulnerability in The Wikimedia Foundation Medi ...check
CVE-2025-32069Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32070Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32071Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32072Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...check
CVE-2025-32073Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32074Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...check
CVE-2025-32075Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32076Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32077Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32078Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...check
CVE-2025-32079Improper Input Validation vulnerability in The Wikimedia Foundation Me ...check
CVE-2025-32080Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...check

Search for package or bug name: Reporting problems