Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2020-0478In extend_frame_lowbd of restoration.c, there is a possible out of bou ...check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit
CVE-2020-12083An elevated privileges issue related to Spring MVC calls impacts Code ...check
CVE-2020-16630TI’s BLE stack caches and reuses the LTK’s property for a ...check
CVE-2020-19716A buffer overflow vulnerability in the Databuf function in types.cpp o ...check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported
CVE-2020-21468A segmentation fault in the redis-server component of Redis 5.0.7 lead ...check
CVE-2020-21913International Components for Unicode (ICU-20850) v66.1 was discovered ...check
CVE-2020-23266An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function ...check
CVE-2020-23267An issue was discovered in gpac 0.8.0. The gf_hinter_track_process fun ...check
CVE-2020-23269An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function ...check
CVE-2020-23469gmate v0.12+bionic contains a regular expression denial of service (Re ...check
CVE-2020-23478Leo Editor v6.2.1 was discovered to contain a regular expression denia ...check
CVE-2020-23914An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-23915An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...retroarch and salmon embed peglib, check if it's actually a security issue
CVE-2020-25467A null pointer dereference was discovered lzo_decompress_buf in stream ...check fixing commit
CVE-2020-25646A flaw was found in Ansible Collection community.crypto. openssl_priva ...check
CVE-2021-3681RESERVEDcheck, needs verifying the affected ansible/ansible-base components
CVE-2021-3773RESERVEDfill in tracking details
CVE-2021-20315locking protection bypass allow unauthorized user to kill existing applications or start new onescheck, possibly Red Hat specific as issue introduced of backporting features to CentOS 8 Streams
CVE-2021-21897A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ...check, horizon-eda, cloudcompare, kicad embedds it, but needs to check if actually used and issue affects those
CVE-2021-22931Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Co ...check, nodejs uses system c-ares which fixed CVE-2021-3672 and so this entry might be not-affected
CVE-2021-26314Potential floating point value injection in all supported CPU products ...check
CVE-2021-32686PJSIP is a free and open source multimedia communication library writt ...check, might affect in impact src:ring
CVE-2021-33194golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ...check completeness
CVE-2021-37218HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server ...check
CVE-2021-41086jsuites is an open source collection of common required javascript web ...check
CVE-2021-41087in-toto-golang is a go implementation of the in-toto framework to prot ...check
CVE-2021-41303Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a ...check
TEMP-0000000-DD73A0Unexpected database bindings via requests (follow-up)check php-illuminate-database and CVE assignment

Search for package or bug name: Reporting problems