This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
Package | Bug | Description | Releases |
---|---|---|---|
clojure | CVE-2024-22871 | An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ... | bookworm, bullseye, buster, sid, stretch, trixie |
designate | CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie |
jasperreports | CVE-2017-5528 | Multiple JasperReports Server components contain vulnerabilities which ... | jessie, stretch |
CVE-2017-5529 | JasperReports library components contain an information disclosure vul ... | jessie, stretch | |
CVE-2017-5532 | A vulnerability in the report renderer component of TIBCO JasperReport ... | jessie, stretch | |
CVE-2017-5533 | A vulnerability in the server content cache of TIBCO JasperReports Ser ... | jessie, stretch | |
CVE-2017-14941 | Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ... | jessie, stretch | |
CVE-2018-5429 | A vulnerability in the report scripting component of TIBCO Software In ... | stretch | |
CVE-2018-5430 | The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ... | stretch | |
CVE-2018-5431 | The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ... | stretch | |
kfreebsd-10 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ... | stretch |
kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie |
kotlin | CVE-2020-29582 | In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for ... | bookworm, sid |
CVE-2022-24329 | In JetBrains Kotlin before 1.6.0, it was not possible to lock dependen ... | bookworm, sid | |
linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie |
CVE-2022-36402 | An integer overflow vulnerability was found in vmwgfx driver in driver ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie | |
mbedtls | CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | bookworm, bullseye, buster, sid, stretch, trixie |
CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | bookworm, bullseye, buster, sid, stretch, trixie | |
pluxml | CVE-2007-3432 | Unrestricted file upload vulnerability in admin/images.php in Pluxml 0 ... | buster, jessie, stretch |
CVE-2007-3542 | Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0 ... | buster, jessie, stretch | |
CVE-2012-4674 | PluXml before 5.1.6 allows remote attackers to obtain the installation ... | buster, jessie, stretch | |
CVE-2012-4675 | Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote ... | buster, jessie, stretch | |
poppler | CVE-2024-2971 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negat ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie |
CVE-2024-3900 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie | |
CVE-2024-4141 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an in ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie | |
wordpress | CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, buster, jessie, sid, stretch, trixie |