Packages that may be vulnerable but need to be checked (undetermined issues)

This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.

PackageBugDescriptionReleases
ansibleCVE-2021-3447A flaw was found in several ansible modules, where parameters containi ...bullseye, buster, sid, stretch
CVE-2021-3583Template Injection through yaml multi-line strings with ansible facts used in templatebullseye, buster, sid, stretch
ansible-baseCVE-2021-3532A flaw was found in Ansible where the secret information present in as ...sid
CVE-2021-3583Template Injection through yaml multi-line strings with ansible facts used in templatesid
aomCVE-2020-0478In extend_frame_lowbd of restoration.c, there is a possible out of bou ...bullseye, buster, sid
firmware-nonfreeCVE-2020-12313Insufficient control flow management in some Intel(R) PROSet/Wireless ...bullseye, buster, sid, stretch
CVE-2020-12317Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi prod ...bullseye, buster, sid, stretch
CVE-2020-12319Insufficient control flow management in some Intel(R) PROSet/Wireless ...bullseye, buster, sid, stretch
CVE-2020-12321Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) pro ...bullseye, buster, sid, stretch
golang-github-sylabs-sifCVE-2021-29499SIF is an open source implementation of the Singularity Container Imag ...bullseye, sid
hdf5CVE-2018-11205A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ...bullseye, buster, sid, stretch
CVE-2019-8396A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...bullseye, buster, sid, stretch
CVE-2019-8398An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...bullseye, buster, sid, stretch
intellij-community-ideaCVE-2019-10103JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/J ...sid
jasperreportsCVE-2017-5528Multiple JasperReports Server components contain vulnerabilities which ...stretch
CVE-2017-5529JasperReports library components contain an information disclosure vul ...stretch
CVE-2017-5532A vulnerability in the report renderer component of TIBCO JasperReport ...stretch
CVE-2017-5533A vulnerability in the server content cache of TIBCO JasperReports Ser ...stretch
CVE-2017-14941Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ...stretch
CVE-2018-5429A vulnerability in the report scripting component of TIBCO Software In ...stretch
CVE-2018-5430The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ...stretch
CVE-2018-5431The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ...stretch
keystoneCVE-2021-3563bullseye, buster, sid, stretch
kfreebsd-10CVE-2014-7250The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ...buster, sid, stretch
kgb-botCVE-2015-1554kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ...bullseye, buster, sid, stretch
libpdfbox-javaCVE-2021-31811In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMem ...bullseye, buster, sid, stretch
CVE-2021-31812In Apache PDFBox, a carefully crafted PDF file can trigger an infinite ...bullseye, buster, sid, stretch
linuxCVE-2020-0347In iptables, there is a possible out of bounds write due to an incorre ...bullseye, buster, sid, stretch
CVE-2020-26140An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for ...bullseye, buster, sid, stretch
CVE-2020-26142An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WP ...bullseye, buster, sid, stretch
CVE-2020-26143An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for ...bullseye, buster, sid, stretch
llvm-toolchain-11CVE-2020-0306In LLVM, there is a possible ineffective stack cookie placement due to ...bullseye, sid, bullseye, sid
lrzipCVE-2020-25467A null pointer dereference was discovered lzo_decompress_buf in stream ...bullseye, buster, sid, stretch
CVE-2021-27345A null pointer dereference was discovered in ucompthread in stream.c i ...bullseye, buster, sid, stretch
CVE-2021-27347Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ...bullseye, buster, sid, stretch
netpbm-freeCVE-2017-2579An out-of-bounds read vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
CVE-2017-2580An out-of-bounds write vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
CVE-2017-2581An out-of-bounds write vulnerability was found in netpbm before 10.61. ...bullseye, buster, sid, stretch
opencvCVE-2019-9423In opencv calls that use libpng, there is a possible out of bounds wri ...bullseye, buster, sid, stretch
opendmarcCVE-2021-34555OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial ...bullseye, buster, sid, stretch
openscadCVE-2020-28600An out-of-bounds write vulnerability exists in the import_stl.cc:impor ...bullseye, buster, sid, stretch
r-cran-readxlCVE-2017-2910An exploitable Out-of-bounds Write vulnerability exists in the xls_add ...bullseye, buster, sid, stretch
resteasyCVE-2020-1695A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ...sid
CVE-2020-14326A vulnerability was found in RESTEasy, where RootNode incorrectly cach ...sid
CVE-2021-20293A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in a ...sid
resteasy3.0CVE-2016-6345RESTEasy allows remote authenticated users to obtain sensitive informa ...bullseye, buster, sid
CVE-2016-6346RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...bullseye, buster, sid
CVE-2016-6347Cross-site scripting (XSS) vulnerability in the default exception hand ...bullseye, buster, sid
CVE-2016-6348JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ...bullseye, buster, sid
CVE-2020-10688A cross-site scripting (XSS) flaw was found in RESTEasy in versions be ...bullseye, buster, sid
CVE-2020-14326A vulnerability was found in RESTEasy, where RootNode incorrectly cach ...bullseye, buster, sid
CVE-2021-20293A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in a ...bullseye, buster, sid
rust-mioCVE-2020-35922An issue was discovered in the mio crate before 0.7.6 for Rust. It has ...bullseye, buster, sid
rust-reqwestCVE-2020-35875An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ...sid
undertowCVE-2021-3597sid
CVE-2021-20220A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ...sid
wordpressCVE-2018-1000773WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...bullseye, buster, sid, stretch
CVE-2019-8943WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...bullseye, buster, sid, stretch
zabbixCVE-2020-27834attacker can send the same request over and over again without changing the CSRF tokenbullseye, buster, sid, stretch

Search for package or bug name: Reporting problems