Bugs with TODO items

Show "check" TODOs

BugDescriptionNote
CVE-2019-18351An issue was discovered in channels/chan_sip.c in Sangoma Asterisk thr ...check with MITRE if CVE-2019-18351 simply should be dropped
CVE-2020-0478In extend_frame_lowbd of restoration.c, there is a possible out of bou ...check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit
CVE-2020-3702u'Specifically timed and handcrafted traffic can cause internal errors ...check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/
CVE-2020-8492Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 ...check, upload of pypy/7.3.5+dfsg-1 to experimental claims this affects src:pypy
CVE-2020-13668RESERVEDcheck, instead in MITRE CVE-2020-13688 is for sa-core-2020-009, CNA contacted
CVE-2020-13688Cross-site scripting vulnerability in l Drupal Core allows an attacker ...check, drupal advisory references CVE-2020-13668 instead, CNA contacted
CVE-2020-13950Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be mad ...check why this only a problem starting in 2.4.41
CVE-2020-20178A flaw was found in OpenLDAP. This flaw allows an attacker who can sen ...wait for cleanup, CVE is wrongly associated
CVE-2020-23914An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-23915An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-25467A null pointer dereference was discovered lzo_decompress_buf in stream ...check fixing commit
CVE-2020-28600An out-of-bounds write vulnerability exists in the import_stl.cc:impor ...cheick, maybe fixed already in 2021.01-1
CVE-2021-3283HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task d ...check details
CVE-2021-3426There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ...check, upload of pypy/7.3.5+dfsg-1 to experimental claims this affects src:pypy
CVE-2021-3556RESERVEDcleanup after official reject
CVE-2021-3563scarce details on it if there are upstream references, try to get more information
CVE-2021-3583Template Injection through yaml multi-line strings with ansible facts used in templatescarce information, check later
CVE-2021-3597check, lack of details
CVE-2021-20206An improper limitation of path name flaw was found in containernetwork ...check details, impact on docker.io?
CVE-2021-20220A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ...CVE for incomplete fix for CVE-2020-10687 but not clear if affected any Debian released version
CVE-2021-20291A deadlock vulnerability was found in 'github.com/containers/storage' ...check golang-github-containers-buildah, docker.io
CVE-2021-20329Specific cstrings input may not be properly validated in the MongoDB G ...check, mongo-driver driver embedded in src:kubernetes
CVE-2021-23215An integer overflow leading to a heap-buffer overflow was found in the ...check details
CVE-2021-26260An integer overflow leading to a heap-buffer overflow was found in the ...check details
CVE-2021-26945An integer overflow leading to a heap-buffer overflow was found in Ope ...check details
CVE-2021-27345A null pointer dereference was discovered in ucompthread in stream.c i ...check fixing commit
CVE-2021-27347Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ...check fixing commit
CVE-2021-30535Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a re ...check src:icu
CVE-2021-33194golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ...check completeness
TEMP-0000000-DD73A0Unexpected database bindings via requests (follow-up)check php-illuminate-database and CVE assignment
Search for package or bug name: Reporting problems