Comment 2 for bug 1803441

I have not seen a CVE for the original upstream bug but cannot say with certainty none was assigned.

The Ubuntu packaging issue definitely does not have one.