| Bug | Description | Note |
|---|
| CVE-2018-16981 | stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ... | further check, stb_image.h in older version is embedded in src:catimg |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. The SafeHtml validat ... | 20190910: Asked for more information in #1738673. (apo) |
| CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna |
| CVE-2019-12422 | Apache Shiro before 1.4.2, when using the default "remember me" config ... | check details on fix |
| CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might been introduced with the refactoring |
| CVE-2019-14855 | WoT forgeries using SHA-1 | check for details, possibly more commits? |
| CVE-2019-15486 | django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ... | check, might actually only have been introduced in upstream v0.9.0 with commits around 9850b675e3d988341c05302df236a560f7985184 |
| CVE-2019-19590 | In radare2 through 4.0, there is an integer overflow for the variable ... | check details |
| CVE-2019-19601 | OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ... | check affected, detex is embedded in src;texlive-bin bun unclear which versions affected. |
| CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni |