This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| ansible | CVE-2021-3447 | A flaw was found in several ansible modules, where parameters containi ... | bullseye, buster, sid, stretch |
| aom | CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | bullseye, buster, sid |
| hdf5 | CVE-2018-11205 | A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ... | bullseye, buster, sid, stretch |
| CVE-2018-14031 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster, sid, stretch | |
| CVE-2018-14033 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster, sid, stretch | |
| CVE-2018-14034 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bullseye, buster, sid, stretch | |
| CVE-2018-14035 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster, sid, stretch | |
| CVE-2018-14460 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster, sid, stretch | |
| CVE-2018-15671 | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ... | bullseye, buster, sid, stretch | |
| CVE-2018-16438 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bullseye, buster, sid, stretch | |
| CVE-2018-17433 | A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ... | bullseye, buster, sid, stretch | |
| CVE-2018-17435 | A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ... | bullseye, buster, sid, stretch | |
| CVE-2018-17436 | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ... | bullseye, buster, sid, stretch | |
| CVE-2018-17439 | An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ... | bullseye, buster, sid, stretch | |
| CVE-2019-8396 | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ... | bullseye, buster, sid, stretch | |
| CVE-2019-8398 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bullseye, buster, sid, stretch | |
| imagemagick | CVE-2021-20313 | Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c | bullseye, buster, sid, stretch |
| intellij-community-idea | CVE-2019-10103 | JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/J ... | sid |
| jasperreports | CVE-2017-14941 | Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ... | stretch |
| CVE-2017-5528 | Multiple JasperReports Server components contain vulnerabilities which ... | stretch | |
| CVE-2017-5529 | JasperReports library components contain an information disclosure vul ... | stretch | |
| CVE-2017-5532 | A vulnerability in the report renderer component of TIBCO JasperReport ... | stretch | |
| CVE-2017-5533 | A vulnerability in the server content cache of TIBCO JasperReports Ser ... | stretch | |
| CVE-2018-5429 | A vulnerability in the report scripting component of TIBCO Software In ... | stretch | |
| CVE-2018-5430 | The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ... | stretch | |
| CVE-2018-5431 | The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ... | stretch | |
| kfreebsd-10 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ... | buster, sid, stretch |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bullseye, buster, sid, stretch |
| libsixel | CVE-2020-36120 | Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsix ... | bullseye, buster, sid, stretch |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bullseye, buster, sid, stretch |
| CVE-2020-24502 | Improper input validation in some Intel(R) Ethernet E810 Adapter drive ... | bullseye, buster, sid, stretch | |
| CVE-2020-24503 | Insufficient access control in some Intel(R) Ethernet E810 Adapter dri ... | bullseye, buster, sid, stretch | |
| CVE-2020-24504 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapt ... | bullseye, buster, sid, stretch | |
| llvm-toolchain-11 | CVE-2020-0306 | In LLVM, there is a possible ineffective stack cookie placement due to ... | bullseye, sid, bullseye, sid |
| lua5.1 | CVE-2020-15945 | Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c ... | bullseye, buster, sid, stretch, bullseye, buster, sid, stretch, bullseye, buster, sid, stretch, bullseye, buster, sid, stretch |
| nagios4 | CVE-2020-35269 | Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ... | bullseye, buster, sid |
| netpbm-free | CVE-2017-2579 | An out-of-bounds read vulnerability was found in netpbm before 10.61. ... | bullseye, buster, sid, stretch |
| CVE-2017-2580 | An out-of-bounds write vulnerability was found in netpbm before 10.61. ... | bullseye, buster, sid, stretch | |
| CVE-2017-2581 | An out-of-bounds write vulnerability was found in netpbm before 10.61. ... | bullseye, buster, sid, stretch | |
| opencv | CVE-2019-9423 | In opencv calls that use libpng, there is a possible out of bounds wri ... | bullseye, buster, sid, stretch |
| r-cran-readxl | CVE-2017-2910 | An exploitable Out-of-bounds Write vulnerability exists in the xls_add ... | bullseye, buster, sid, stretch |
| resteasy | CVE-2020-14326 | sid | |
| CVE-2020-1695 | A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ... | sid | |
| CVE-2021-20293 | sid | ||
| resteasy3.0 | CVE-2016-6345 | RESTEasy allows remote authenticated users to obtain sensitive informa ... | bullseye, buster, sid |
| CVE-2016-6346 | RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ... | bullseye, buster, sid | |
| CVE-2016-6347 | Cross-site scripting (XSS) vulnerability in the default exception hand ... | bullseye, buster, sid | |
| CVE-2016-6348 | JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ... | bullseye, buster, sid | |
| CVE-2020-10688 | bullseye, buster, sid | ||
| CVE-2020-14326 | bullseye, buster, sid | ||
| CVE-2021-20293 | bullseye, buster, sid | ||
| rust-mio | CVE-2020-35922 | An issue was discovered in the mio crate before 0.7.6 for Rust. It has ... | bullseye, buster, sid |
| rust-reqwest | CVE-2020-35875 | An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ... | sid |
| seafile-client | CVE-2021-30146 | Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library f ... | bullseye, buster, sid |
| undertow | CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ... | sid |
| wordpress | CVE-2018-1000773 | WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ... | bullseye, buster, sid, stretch |
| CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bullseye, buster, sid, stretch | |
| zabbix | CVE-2020-27834 | attacker can send the same request over and over again without changing the CSRF token | bullseye, buster, sid, stretch |