Source: bettercap Version: 2.33.0-1 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerabilities were published for bettercap. CVE-2026-8275[0]: | A vulnerability was detected in bettercap up to 2.41.5. Affected by | this vulnerability is the function ippReadChunkedBody of the file | modules/zerogod/zerogod_ipp_primitives.go of the component zerogod | IPP Service. Performing a manipulation results in integer coercion | error. The attack can be initiated remotely. The attack is | considered to have high complexity. The exploitation appears to be | difficult. The exploit is now public and may be used. The patch is | named 3731d5576cffae9eefe3721cd46a40933304129f. To fix this issue, | it is recommended to deploy a patch. CVE-2026-8276[1]: | A flaw has been found in bettercap up to 2.41.5. Affected by this | issue is some unknown functionality of the file | modules/mysql_server/mysql_server.go of the component MySQL Server. | Executing a manipulation can lead to integer coercion error. The | attack can be launched remotely. The attack requires a high level of | complexity. The exploitation is known to be difficult. The exploit | has been published and may be used. This patch is called | 0eaa375c5e5446bfba94a290eff92967a5deac9e. It is advisable to | implement a patch to correct this issue. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-8275 https://www.cve.org/CVERecord?id=CVE-2026-8275 [1] https://security-tracker.debian.org/tracker/CVE-2026-8276 https://www.cve.org/CVERecord?id=CVE-2026-8276 Regards, Salvatore
