This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| ansible | CVE-2021-3447 | A flaw was found in several ansible modules, where parameters containi ... | bookworm, bullseye, buster, sid, stretch |
| aom | CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | bookworm, bullseye, buster, sid |
| exiv2 | CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp o ... | bookworm, bullseye, buster, sid, stretch |
| firmware-nonfree | CVE-2020-12313 | Insufficient control flow management in some Intel(R) PROSet/Wireless ... | bookworm, bullseye, buster, sid, stretch |
| CVE-2020-12317 | Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi prod ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2020-12319 | Insufficient control flow management in some Intel(R) PROSet/Wireless ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2020-12321 | Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) pro ... | bookworm, bullseye, buster, sid, stretch | |
| gnome-shell | CVE-2021-20315 | locking protection bypass allow unauthorized user to kill existing applications or start new ones | bookworm, bullseye, buster, sid, stretch |
| hdf5 | CVE-2018-11205 | A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ... | bookworm, bullseye, buster, sid, stretch |
| CVE-2019-8396 | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2019-8398 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
| intellij-community-idea | CVE-2019-10103 | JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/J ... | sid |
| jasperreports | CVE-2017-5528 | Multiple JasperReports Server components contain vulnerabilities which ... | stretch |
| CVE-2017-5529 | JasperReports library components contain an information disclosure vul ... | stretch | |
| CVE-2017-5532 | A vulnerability in the report renderer component of TIBCO JasperReport ... | stretch | |
| CVE-2017-5533 | A vulnerability in the server content cache of TIBCO JasperReports Ser ... | stretch | |
| CVE-2017-14941 | Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ... | stretch | |
| CVE-2018-5429 | A vulnerability in the report scripting component of TIBCO Software In ... | stretch | |
| CVE-2018-5430 | The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ... | stretch | |
| CVE-2018-5431 | The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ... | stretch | |
| kfreebsd-10 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ... | buster, sid, stretch |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, buster, sid, stretch |
| libstb | CVE-2021-28021 | Buffer overflow vulnerability in function stbi__extend_receive in stb_ ... | bookworm, bullseye, buster, sid |
| CVE-2021-42715 | An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ... | bookworm, bullseye, buster, sid | |
| CVE-2021-42716 | An issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ... | bookworm, bullseye, buster, sid | |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, buster, sid, stretch |
| CVE-2020-26140 | An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2020-26142 | An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WP ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2020-26143 | An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for ... | bookworm, bullseye, buster, sid, stretch | |
| llvm-toolchain-11 | CVE-2020-0306 | In LLVM, there is a possible ineffective stack cookie placement due to ... | bookworm, bullseye, sid, bookworm, bullseye, sid |
| lrzip | CVE-2020-25467 | A null pointer dereference was discovered lzo_decompress_buf in stream ... | bookworm, bullseye, buster, sid, stretch |
| nagvis | CVE-2021-33178 | The Manage Backgrounds functionality within Nagvis versions prior to 2 ... | bookworm, bullseye, buster, sid, stretch |
| netpbm-free | CVE-2017-2579 | An out-of-bounds read vulnerability was found in netpbm before 10.61. ... | bookworm, bullseye, buster, sid, stretch |
| CVE-2017-2580 | An out-of-bounds write vulnerability was found in netpbm before 10.61. ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2017-2581 | An out-of-bounds write vulnerability was found in netpbm before 10.61. ... | bookworm, bullseye, buster, sid, stretch | |
| nomad | CVE-2021-41865 | HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authe ... | bookworm, bullseye, sid |
| onionshare | CVE-2021-41867 | An information disclosure vulnerability in OnionShare 2.3 before 2.4 a ... | bookworm, bullseye, buster, sid |
| CVE-2021-41868 | OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to u ... | bookworm, bullseye, buster, sid | |
| opencv | CVE-2019-9423 | In opencv calls that use libpng, there is a possible out of bounds wri ... | bookworm, bullseye, buster, sid, stretch |
| otrs2 | CVE-2021-36092 | It's possible to create an email which contains specially crafted link ... | bookworm, bullseye, buster, sid, stretch |
| CVE-2021-36093 | It's possible to create an email which can be stuck while being proces ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2021-36094 | It's possible to craft a request for appointment edit screen, which co ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2021-36095 | Malicious attacker is able to find out valid user logins by using the ... | bookworm, bullseye, buster, sid, stretch | |
| CVE-2021-36096 | Generated Support Bundles contains private S/MIME and PGP keys if cont ... | bookworm, bullseye, buster, sid, stretch | |
| resteasy | CVE-2020-1695 | A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ... | sid |
| CVE-2020-14326 | A vulnerability was found in RESTEasy, where RootNode incorrectly cach ... | sid | |
| CVE-2021-20293 | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in a ... | sid | |
| resteasy3.0 | CVE-2016-6345 | RESTEasy allows remote authenticated users to obtain sensitive informa ... | bookworm, bullseye, buster, sid |
| CVE-2016-6346 | RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ... | bookworm, bullseye, buster, sid | |
| CVE-2016-6347 | Cross-site scripting (XSS) vulnerability in the default exception hand ... | bookworm, bullseye, buster, sid | |
| CVE-2016-6348 | JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ... | bookworm, bullseye, buster, sid | |
| CVE-2020-10688 | A cross-site scripting (XSS) flaw was found in RESTEasy in versions be ... | bookworm, bullseye, buster, sid | |
| CVE-2020-14326 | A vulnerability was found in RESTEasy, where RootNode incorrectly cach ... | bookworm, bullseye, buster, sid | |
| CVE-2021-20293 | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in a ... | bookworm, bullseye, buster, sid | |
| thunderbird | CVE-2021-38502 | bookworm, bullseye, buster, sid, stretch | |
| tinyexr | CVE-2018-12064 | tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChann ... | bookworm, bullseye, sid |
| CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h ... | bookworm, bullseye, sid | |
| CVE-2018-12688 | tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. ... | bookworm, bullseye, sid | |
| tinyobjloader | CVE-2020-28589 | An improper array index validation vulnerability exists in the LoadObj ... | bookworm, bullseye, sid |
| wordpress | CVE-2018-1000773 | WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ... | bookworm, bullseye, buster, sid, stretch |
| wordpress | CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, buster, sid, stretch |