Bugs with TODO items


| Bug | Description | Note |
| --- | --- | --- |
| CVE-2017-11750 | The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ... | check if patch simplifying patch applied in any suite |
| CVE-2017-18240 | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownersh ... | check |
| CVE-2017-8087 | Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with ... | check |
| CVE-2018-16981 | stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ... | further check, stb_image.h in older version is embedded in src:catimg |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2019-10079 | Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ... | check |
| CVE-2019-1010091 | tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ... | check |
| CVE-2019-10214 | RESERVED | check, issue is in containers library, which is at least embedded in src:singularity-container |
| CVE-2019-10219 | | 20190910: Asked for more information in #1738673. (apo) |
| CVE-2019-11674 | Man-in-the-middle vulnerability in Micro Focus Self Service Password R ... | check |
| CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna |
| CVE-2019-12147 | The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ... | check |
| CVE-2019-12148 | The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ... | check |
| CVE-2019-12290 | GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... | check |
| CVE-2019-12967 | Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier ver ... | check |
| CVE-2019-13464 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ... | check |
| CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might have been introduced with the refactoring |
| CVE-2019-14513 | Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ... | Find the relevant isolated changes in the 2.76 release to address the issue. |
| CVE-2019-15486 | django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ... | check, might actually only have been introduced in upstream v0.9.0 with commits around 9850b675e3d988341c05302df236a560f7985184 |
| CVE-2019-16921 | In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/in ... | check, see kernel-sec |
| CVE-2019-17177 | libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ... | check |
| CVE-2019-17178 | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ... | check |
| CVE-2019-17189 | totemodata 3.0.0_b936 has XSS via a folder name. ... | check |
| CVE-2019-17402 | Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in ... | check |
| CVE-2019-17424 | A stack-based buffer overflow in the processPrivilage() function in IO ... | check |
| CVE-2019-17498 | In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic i ... | check |
| CVE-2019-17526 | ** DISPUTED ** An issue was discovered in SageMath Sage Cell Server th ... | check |
| CVE-2019-17624 | In X.Org X Server 1.20.4, there is a stack-based buffer overflow in th ... | check |
| CVE-2019-18224 | idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a hea ... | check |
| CVE-2019-3685 | Fails to adequately verify TLS certificates allowing for a man in the middle attack | check, might affect only 0.165.0 through 0.165.2, but not earlier versions |
| CVE-2019-4523 | IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable ... | check |
| CVE-2019-9232 | In libvpx, there is a possible out of bounds read due to a missing bou ... | check |
| CVE-2019-9233 | In wpa_supplicant_8, there is a possible out of bounds read due to an ... | check |
| CVE-2019-9234 | In wpa_supplicant_8, there is a possible out of bounds read due to a m ... | check |
| CVE-2019-9243 | In wpa_supplicant_8, there is a possible out of bounds read due to a m ... | check |
| CVE-2019-9277 | In the proc filesystem, there is a possible information disclosure due ... | check |
| CVE-2019-9278 | In libexif, there is a possible out of bounds write due to an integer ... | check |
| CVE-2019-9282 | In skia, there is a possible out of bounds read due to a missing bound ... | check |
| CVE-2019-9290 | In tzdata there is possible memory corruption due to a mismatch betwee ... | check |
| CVE-2019-9325 | In libvpx, there is a possible out of bounds read due to a missing bou ... | check |
| CVE-2019-9371 | In libvpx, there is a possible resource exhaustion due to improper inp ... | check |
| CVE-2019-9372 | In libskia, there is a possible crash due to a missing null check. Thi ... | check |
| CVE-2019-9375 | In hostapd, there is a possible out of bounds write due to a race cond ... | check |
| CVE-2019-9414 | In wpa_supplicant, there is a possible man in the middle vulnerability ... | check |
| CVE-2019-9423 | In opencv calls that use libpng, there is a possible out of bounds wri ... | check |
| CVE-2019-9433 | In libvpx, there is a possible information disclosure due to improper ... | check |
| CVE-2019-9444 | In the Android kernel in sync debug fs driver there is a kernel pointe ... | check |
| CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni |
