Bugs with TODO items

Show "check" TODOs

BugDescriptionNote
CVE-2020-0478In extend_frame_lowbd of restoration.c, there is a possible out of bou ...check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit
CVE-2020-19716A buffer overflow vulnerability in the Databuf function in types.cpp o ...check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported
CVE-2020-23914An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-23915An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-25467A null pointer dereference was discovered lzo_decompress_buf in stream ...check fixing commit
CVE-2021-3681RESERVEDcheck, needs verifying the affected ansible/ansible-base components
CVE-2021-3773RESERVEDfill in tracking details
CVE-2021-21897A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ...check, horizon-eda, cloudcompare, kicad embedds it, but needs to check if actually used and issue affects those
CVE-2021-22931Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Co ...check, nodejs uses system c-ares which fixed CVE-2021-3672 and so this entry might be not-affected
CVE-2021-32686PJSIP is a free and open source multimedia communication library writt ...check, might affect in impact src:ring
CVE-2021-33194golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ...check completeness
CVE-2021-33928Buffer overflow vulnerability in function pool_installable in src/repo ...check, completeness
CVE-2021-33929Buffer overflow vulnerability in function pool_disabled_solvable in sr ...check, completeness
CVE-2021-33930Buffer overflow vulnerability in function pool_installable_whatprovide ...check, completeness
CVE-2021-33938Buffer overflow vulnerability in function prune_to_recommended in src/ ...check, completeness
TEMP-0000000-DD73A0Unexpected database bindings via requests (follow-up)check php-illuminate-database and CVE assignment

Search for package or bug name: Reporting problems