Packages that may be vulnerable but need to be checked (undetermined issues)

This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.

PackageBugDescriptionReleases
gridengineCVE-2018-20871In Univa Grid Engine before 8.6.3, when configured for Docker jobs and ...buster, sid, stretch
hdf5CVE-2018-11205A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ...bullseye, buster, sid, stretch
CVE-2018-13866An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...bullseye, buster, sid, stretch
CVE-2018-13867An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...bullseye, buster, sid, stretch
CVE-2018-13868An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-13869An issue was discovered in the HDF HDF5 1.8.20 library. There is a mem ...bullseye, buster, sid, stretch
CVE-2018-13870An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-13871An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-13872An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-13873An issue was discovered in the HDF HDF5 1.8.20 library. There is a buf ...bullseye, buster, sid, stretch
CVE-2018-13874An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...bullseye, buster, sid, stretch
CVE-2018-13875An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...bullseye, buster, sid, stretch
CVE-2018-13876An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...bullseye, buster, sid, stretch
CVE-2018-14031An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-14033An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-14034An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...bullseye, buster, sid, stretch
CVE-2018-14035An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-14460An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...bullseye, buster, sid, stretch
CVE-2018-15671An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ...bullseye, buster, sid, stretch
CVE-2018-16438An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...bullseye, buster, sid, stretch
CVE-2018-17433A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ...bullseye, buster, sid, stretch
CVE-2018-17435A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ...bullseye, buster, sid, stretch
CVE-2018-17436ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ...bullseye, buster, sid, stretch
CVE-2018-17439An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ...bullseye, buster, sid, stretch
CVE-2019-8396A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...bullseye, buster, sid, stretch
CVE-2019-8398An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...bullseye, buster, sid, stretch
imagemagickCVE-2020-25663bullseye, buster, sid, stretch
CVE-2020-27752bullseye, buster, sid, stretch
CVE-2020-27766bullseye, buster, sid, stretch
CVE-2020-27776bullseye, buster, sid, stretch
intellij-community-ideaCVE-2019-10103JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/J ...sid
CVE-2019-10104In several JetBrains IntelliJ IDEA Ultimate versions, an Application S ...sid
CVE-2019-14954JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plant ...sid
CVE-2019-18361JetBrains IntelliJ IDEA before 2019.2 allows local user privilege esca ...sid
CVE-2019-9186In several JetBrains IntelliJ IDEA versions, a Spring Boot run configu ...sid
CVE-2019-9823In several JetBrains IntelliJ IDEA versions, creating remote run confi ...sid
CVE-2019-9872In several versions of JetBrains IntelliJ IDEA Ultimate, creating run ...sid
CVE-2019-9873In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task ...sid
CVE-2020-11690In JetBrains IntelliJ IDEA before 2020.1, the license server could be ...sid
CVE-2020-7904In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were ...sid
CVE-2020-7905Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were expose ...sid
CVE-2020-7914In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfigur ...sid
jasperreportsCVE-2017-14941Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ...stretch
CVE-2017-5528Multiple JasperReports Server components contain vulnerabilities which ...stretch
CVE-2017-5529JasperReports library components contain an information disclosure vul ...stretch
CVE-2017-5532A vulnerability in the report renderer component of TIBCO JasperReport ...stretch
CVE-2017-5533A vulnerability in the server content cache of TIBCO JasperReports Ser ...stretch
CVE-2018-5429A vulnerability in the report scripting component of TIBCO Software In ...stretch
CVE-2018-5430The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ...stretch
CVE-2018-5431The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ...stretch
kfreebsd-10CVE-2014-7250The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ...buster, sid, stretch
kgb-botCVE-2015-1554kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ...bullseye, buster, sid, stretch
libsassCVE-2017-10687In LibSass 3.4.5, there is a heap-based buffer over-read in the functi ...bullseye, buster, sid, stretch
CVE-2017-11341There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. ...bullseye, buster, sid, stretch
CVE-2017-11342There is an illegal address access in ast.cpp of LibSass 3.4.5. A craf ...bullseye, buster, sid, stretch
CVE-2017-11605There is a heap based buffer over-read in LibSass 3.4.5, related to ad ...bullseye, buster, sid, stretch
CVE-2017-12962There are memory leaks in LibSass 3.4.5 triggered by deeply nested cod ...bullseye, buster, sid, stretch
CVE-2017-12963There is an illegal address access in Sass::Eval::operator() in eval.c ...bullseye, buster, sid, stretch
CVE-2017-12964There is a stack consumption issue in LibSass 3.4.5 that is triggered ...bullseye, buster, sid, stretch
CVE-2018-19218In LibSass 3.5-stable, there is an illegal address access at Sass::Par ...bullseye, buster, sid, stretch
CVE-2018-19219In LibSass 3.5-stable, there is an illegal address access at Sass::Eva ...bullseye, buster, sid, stretch
linuxCVE-2019-12881i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c ...bullseye, buster, sid, stretch
CVE-2020-0347In iptables, there is a possible out of bounds write due to an incorre ...bullseye, buster, sid, stretch
llvm-toolchain-10CVE-2020-0306In LLVM, there is a possible ineffective stack cookie placement due to ...bullseye, sid, bullseye, sid, bullseye, sid
lua5.1CVE-2020-15945Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c ...bullseye, buster, sid, stretch, bullseye, buster, sid, stretch, bullseye, buster, sid, stretch, bullseye, buster, sid, stretch
mysql-5.7CVE-2017-15365sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before ...sid
netpbm-freeCVE-2017-2579An out-of-bounds read vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
CVE-2017-2580An out-of-bounds write vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
CVE-2017-2581An out-of-bounds write vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
opencvCVE-2019-9423In opencv calls that use libpng, there is a possible out of bounds wri ...bullseye, buster, sid, stretch
openjdk-11CVE-2018-12438The Elliptic Curve Cryptography library (aka sunec or libsunec) allows ...bullseye, buster, sid, sid, stretch
phpmyadminCVE-2020-22278** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Expor ...bullseye, sid, stretch
resteasyCVE-2020-14326sid
CVE-2020-1695A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ...sid
resteasy3.0CVE-2016-6345RESTEasy allows remote authenticated users to obtain sensitive informa ...bullseye, buster, sid
CVE-2016-6346RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...bullseye, buster, sid
CVE-2016-6347Cross-site scripting (XSS) vulnerability in the default exception hand ...bullseye, buster, sid
CVE-2016-6348JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ...bullseye, buster, sid
CVE-2020-10688bullseye, buster, sid
CVE-2020-14326bullseye, buster, sid
CVE-2020-1695A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ...bullseye, buster, sid
sqlite3CVE-2020-9849An information disclosure issue was addressed with improved state managementbullseye, buster, sid, stretch
CVE-2020-9991A remote attacker may be able to cause a denial of service on macOSbullseye, buster, sid, stretch
wordpressCVE-2018-1000773WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...bullseye, buster, sid, stretch
wordpressCVE-2019-8943WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...bullseye, buster, sid, stretch
Search for package or bug name: Reporting problems