Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2017-1000600WordPress version <4.9 contains a CWE-20 Input Validation ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-18220The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ...check, needs clarification, the issue is CloseBlob use-after-free
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ...check
CVE-2018-0765A denial of service vulnerability exists when .NET and .NET Core ...check, can potentially affect mono packages
CVE-2018-1000773WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...check
CVE-2018-1051It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ...check
CVE-2018-11025kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in ...check
CVE-2018-11832In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-12466openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...check if introducing commit is right and fix status
CVE-2018-12467Authorized users of the openbuildservice before 2.9.4 could delete ...check if introducing commit is right and fix status
CVE-2018-12477A Improper Neutralization of CRLF Sequences vulnerability in Open ...check
CVE-2018-12478A Improper Input Validation vulnerability in Open Build Service allows ...check
CVE-2018-12479A Improper Input Validation vulnerability in Open Build Service allows ...check
CVE-2018-14642An information leak vulnerability was found in Undertow. If all ...further check, the RedHat bug 1628702 references are not public accessible
CVE-2018-15756Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, ...check
CVE-2018-16329In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ...check if though missing null checks are present as well in 6.x series
CVE-2018-16837Ansible "User" module leaks any data which is passed on as a parameter ...check
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-17846The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-17847The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-17848The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-18398Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ...check, unclear/information lacking report, unclear if later thunar versions affected, unclear upstream reporting status
CVE-2018-18443OpenEXR 2.3.0 has a memory leak in ThreadPool in ...check, the issue seems not locaated in the (not-installed) exrmultiview tool, but in library, but no upstream response yet
CVE-2018-3211Vulnerability in the Java SE, Java SE Embedded component of Oracle ...reckeck, maintainer claims fixed in openjdk-8/8u181-b13-2 and affecting openjdk-8
CVE-2018-3258Vulnerability in the MySQL Connectors component of Oracle MySQL ...check
CVE-2018-3847Multiple exploitable buffer overflow vulnerabilities exist in image ...double-check
CVE-2018-5360LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...claimed to be fixed in latest libtiff, but no idication yet which changes adresses the issue
CVE-2018-9246The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...check if set of commits complete

Search for package or bug name: Reporting problems