Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd571566 by security tracker role at 2026-01-27T20:13:32+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,301 @@
-CVE-2026-24883
+CVE-2026-24875 (Integer Overflow or Wraparound vulnerability in yoyofr
modizer.This is ...)
+ TODO: check
+CVE-2026-24874 (Access of Resource Using Incompatible Type ('Type Confusion')
vulnerab ...)
+ TODO: check
+CVE-2026-24873 (Out-of-bounds Read vulnerability in Rinnegatamante
lpp-vita.This issue ...)
+ TODO: check
+CVE-2026-24872 (improper pointer arithmetic vulnerability in ProjectSkyfire
SkyFire_ ...)
+ TODO: check
+CVE-2026-24871 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
+ TODO: check
+CVE-2026-24870 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2026-24869 (Use-after-free in the Layout: Scrolling and Overflow
component. This v ...)
+ TODO: check
+CVE-2026-24868 (Mitigation bypass in the Privacy: Anti-Tracking component.
This vulner ...)
+ TODO: check
+CVE-2026-24858 (An Authentication Bypass Using an Alternate Path or Channel
vulnerabil ...)
+ TODO: check
+CVE-2026-24832 (Out-of-bounds Write vulnerability in ixray-team
ixray-1.6-stcop.This i ...)
+ TODO: check
+CVE-2026-24831 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-24830 (Integer Overflow or Wraparound vulnerability in Ralim
IronOS.This issu ...)
+ TODO: check
+CVE-2026-24829 (Out-of-bounds Write, Heap-based Buffer Overflow vulnerability
in Is-Da ...)
+ TODO: check
+CVE-2026-24828 (Missing Release of Memory after Effective Lifetime
vulnerability in Is ...)
+ TODO: check
+CVE-2026-24827 (Out-of-bounds Write vulnerability in gerstrong
Commander-Genius.This i ...)
+ TODO: check
+CVE-2026-24826 (Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference,
Use of ...)
+ TODO: check
+CVE-2026-24825 (Missing Release of Memory after Effective Lifetime
vulnerability in yd ...)
+ TODO: check
+CVE-2026-24824 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2026-24823 (Out-of-bounds Write, Buffer Copy without Checking Size of
Input ('Clas ...)
+ TODO: check
+CVE-2026-24822 (Out-of-bounds Write, Heap-based Buffer Overflow vulnerability
in ttttu ...)
+ TODO: check
+CVE-2026-24821 (Out-of-bounds Read vulnerability in turanszkij WickedEngine
(WickedEng ...)
+ TODO: check
+CVE-2026-24820 (Out-of-bounds Read vulnerability in turanszkij WickedEngine
(WickedEng ...)
+ TODO: check
+CVE-2026-24819 (Improperly Controlled Sequential Memory Allocation
vulnerability in fo ...)
+ TODO: check
+CVE-2026-24818 (Out-of-bounds Read vulnerability in praydog UEVR
(dependencies/lua/src ...)
+ TODO: check
+CVE-2026-24817 (Out-of-bounds Write vulnerability in praydog UEVR
(dependencies/lua/sr ...)
+ TODO: check
+CVE-2026-24816 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-24815 (Unrestricted Upload of File with Dangerous Type,
Deserialization of Un ...)
+ TODO: check
+CVE-2026-24814 (Integer Overflow or Wraparound vulnerability in swoole
swoole-src (thi ...)
+ TODO: check
+CVE-2026-24813 (NULL Pointer Dereference vulnerability in abcz316
SKRoot-linuxKernelRo ...)
+ TODO: check
+CVE-2026-24812 (Vulnerability in root-project root (builtins/zlib modules).
This vulne ...)
+ TODO: check
+CVE-2026-24811 (Vulnerability in root-project root (builtins/zlib modules).
This vulne ...)
+ TODO: check
+CVE-2026-24810 (Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow') ...)
+ TODO: check
+CVE-2026-24809 (An issue from the component luaG_runerror in
dependencies/lua/src/ldeb ...)
+ TODO: check
+CVE-2026-24808 (Integer Overflow or Wraparound vulnerability in RawTherapee
(rtengine ...)
+ TODO: check
+CVE-2026-24807 (Improper Verification of Cryptographic Signature vulnerability
in liuy ...)
+ TODO: check
+CVE-2026-24806 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
+ TODO: check
+CVE-2026-24805 (NULL Pointer Dereference vulnerability in visualfc liteide
(liteidex/s ...)
+ TODO: check
+CVE-2026-24804 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-24803 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-24802 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-24801 (Vulnerability in Ralim IronOS
(source/Core/BSP/Pinecilv2/bl_mcu_sdk/co ...)
+ TODO: check
+CVE-2026-24800 (Out-of-bounds Write, Buffer Copy without Checking Size of
Input ('Clas ...)
+ TODO: check
+CVE-2026-24799 (Out-of-bounds Write, Buffer Copy without Checking Size of
Input ('Clas ...)
+ TODO: check
+CVE-2026-24798 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
+ TODO: check
+CVE-2026-24797 (Out-of-bounds Write vulnerability in neka-nat cupoch
(third_party/libj ...)
+ TODO: check
+CVE-2026-24796 (Out-of-bounds Read vulnerability in CloverHackyColor
CloverBootloader ...)
+ TODO: check
+CVE-2026-24795 (Out-of-bounds Write vulnerability in CloverHackyColor
CloverBootloader ...)
+ TODO: check
+CVE-2026-24794 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
+ TODO: check
+CVE-2026-24793 (Out-of-bounds Write, Buffer Copy without Checking Size of
Input ('Clas ...)
+ TODO: check
+CVE-2026-24771 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-24688 (pypdf is a free and open-source pure-python PDF library. An
attacker w ...)
+ TODO: check
+CVE-2026-24473 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-24472 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-24398 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-24348 (Multiple cross-site scripting vulnerabilities in Admin UI of
EZCast Pr ...)
+ TODO: check
+CVE-2026-24347 (Improper input validation in Admin UI of EZCast Pro II version
1.17478 ...)
+ TODO: check
+CVE-2026-24346 (Use of well-known default credentials in Admin UI of EZCast
Pro II ver ...)
+ TODO: check
+CVE-2026-24345 (Cross-Site Request Forgery in Admin UI of EZCast Pro II
version 1.1747 ...)
+ TODO: check
+CVE-2026-24344 (MultipleBuffer Overflows in Admin UI of EZCast Pro II version
1.17478. ...)
+ TODO: check
+CVE-2026-24116 (Wasmtime is a runtime for WebAssembly. Starting in version
29.0.0 and ...)
+ TODO: check
+CVE-2026-23892 (OctoPrint provides a web interface for controlling consumer 3D
printer ...)
+ TODO: check
+CVE-2026-23881 (Kyverno is a policy engine designed for cloud native platform
engineer ...)
+ TODO: check
+CVE-2026-23593 (A vulnerability in the web-based management interface of HPE
Aruba Net ...)
+ TODO: check
+CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric
Composer\xe2\u ...)
+ TODO: check
+CVE-2026-22264 (Suricata is a network IDS, IPS and NSM engine. Prior to
version 8.0.3 ...)
+ TODO: check
+CVE-2026-22263 (Suricata is a network IDS, IPS and NSM engine. Starting in
version 8.0 ...)
+ TODO: check
+CVE-2026-22262 (Suricata is a network IDS, IPS and NSM engine. While saving a
dataset ...)
+ TODO: check
+CVE-2026-22261 (Suricata is a network IDS, IPS and NSM engine. Prior to
versions 8.0.3 ...)
+ TODO: check
+CVE-2026-22260 (Suricata is a network IDS, IPS and NSM engine. Starting in
version 8.0 ...)
+ TODO: check
+CVE-2026-22259 (Suricata is a network IDS, IPS and NSM engine. Prior to
versions 8.0.3 ...)
+ TODO: check
+CVE-2026-22258 (Suricata is a network IDS, IPS and NSM engine. Prior to
versions 8.0.3 ...)
+ TODO: check
+CVE-2026-22039 (Kyverno is a policy engine designed for cloud native platform
engineer ...)
+ TODO: check
+CVE-2026-21721 (The dashboard permissions API does not verify the target
dashboard sco ...)
+ TODO: check
+CVE-2026-21720 (Every uncached /avatar/:hash request spawns a goroutine that
refreshes ...)
+ TODO: check
+CVE-2026-21417 (Dell CloudBoost Virtual Appliance, versions prior to
19.14.0.0, contai ...)
+ TODO: check
+CVE-2026-1489 (A flaw was found in GLib. An integer overflow vulnerability in
its Uni ...)
+ TODO: check
+CVE-2026-1485 (A flaw was found in Glib's content type parsing logic. This
buffer und ...)
+ TODO: check
+CVE-2026-1484 (A flaw was found in the GLib Base64 encoding routine when
processing v ...)
+ TODO: check
+CVE-2026-1483 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1482 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1481 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1480 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1479 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1478 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1477 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1476 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1475 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1474 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1473 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1472 (An out-of-band SQL injection vulnerability (OOB SQLi) has been
detecte ...)
+ TODO: check
+CVE-2026-1470 (n8n contains a critical Remote Code Execution (RCE)
vulnerability in i ...)
+ TODO: check
+CVE-2026-1467 (A flaw was found in libsoup, an HTTP client library. This
vulnerabilit ...)
+ TODO: check
+CVE-2026-1465 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
+ TODO: check
+CVE-2026-1464 (Integer Overflow or Wraparound vulnerability in MuntashirAkon
AppManag ...)
+ TODO: check
+CVE-2026-1315 (By sending crafted files to the firmware update endpointof Tapo
C220 v ...)
+ TODO: check
+CVE-2026-1213 (All versions of askbot before and including 0.12.2 allow an
attacker a ...)
+ TODO: check
+CVE-2026-0919 (The HTTP parser of Tapo C220 v1 and C520WS v2 cameras
improperly handl ...)
+ TODO: check
+CVE-2026-0918 (The Tapo C220 v1 and C520WS v2 cameras\u2019 HTTP service does
not saf ...)
+ TODO: check
+CVE-2026-0746 (The AI Engine plugin for WordPress is vulnerable to Server-Side
Reques ...)
+ TODO: check
+CVE-2026-0705 (Local privilege escalation due to insecure folder permissions.
The fol ...)
+ TODO: check
+CVE-2026-0648 (The vulnerability stems from an incorrect error-checking logic
in the ...)
+ TODO: check
+CVE-2025-69565 (code-projects Mobile Shop Management System 1.0 is vulnerable
to File ...)
+ TODO: check
+CVE-2025-69564 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2025-69563 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2025-69562 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2025-69559 (code-projects Computer Book Store 1.0 is vulnerable to File
Upload in ...)
+ TODO: check
+CVE-2025-68670 (xrdp is an open source RDP server. xrdp before v0.10.5
contains an una ...)
+ TODO: check
+CVE-2025-65264 (The kernel driver of CPUID CPU-Z v2.17 and earlier does not
validate u ...)
+ TODO: check
+CVE-2025-55102 (A denial-of-service vulnerability exists in the NetX IPv6
component fu ...)
+ TODO: check
+CVE-2025-55095 (The function _ux_host_class_storage_media_mount()is
responsible for mo ...)
+ TODO: check
+CVE-2025-41728 (A low privileged remote attacker may be able to disclose
confidential ...)
+ TODO: check
+CVE-2025-41727 (A local low privileged attacker can bypass the authentication
of the D ...)
+ TODO: check
+CVE-2025-41726 (A low privileged remote attacker can execute arbitrary code by
sending ...)
+ TODO: check
+CVE-2025-33234 (NVIDIA runx contains a vulnerability where an attacker could
cause a c ...)
+ TODO: check
+CVE-2025-28164 (Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a
local a ...)
+ TODO: check
+CVE-2025-28162 (Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a
local a ...)
+ TODO: check
+CVE-2025-14911 (User-controlled chunkSize metadata from MongoDB lacks
appropriate vali ...)
+ TODO: check
+CVE-2025-12810 (Improper Authentication vulnerability in Delinea Inc. Secret
Server On ...)
+ TODO: check
+CVE-2025-12387 (A vulnerability in the Pix-Link LV-WR21Q router's language
module allo ...)
+ TODO: check
+CVE-2025-12386 (Pix-Link LV-WR21Q does not enforce any form of authentication
for endp ...)
+ TODO: check
+CVE-2021-47902 (Testa Online Test Management System 3.4.7 contains a SQL
injection vul ...)
+ TODO: check
+CVE-2021-47901 (Dirsearch 0.4.1 contains a CSV injection vulnerability when
using the ...)
+ TODO: check
+CVE-2021-47900 (Gila CMS versions prior to 2.0.0 contain a remote code
execution vulne ...)
+ TODO: check
+CVE-2020-36983 (Quick 'n Easy FTP Service 3.2 contains an unquoted service
path vulner ...)
+ TODO: check
+CVE-2020-36982 (Motorola Device Manager 2.5.4 contains an unquoted service
path vulner ...)
+ TODO: check
+CVE-2020-36981 (Motorola Device Manager 2.4.5 contains an unquoted service
path vulner ...)
+ TODO: check
+CVE-2020-36980 (SAntivirus IC 10.0.21.61 contains an unquoted service path
vulnerabili ...)
+ TODO: check
+CVE-2020-36979 (Atheros Coex Service Application 8.0.0.255 contains an
unquoted servic ...)
+ TODO: check
+CVE-2020-36978 (Froxlor Server Management Panel 0.10.16 contains a persistent
cross-si ...)
+ TODO: check
+CVE-2020-36977 (Wondershare Driver Install Service contains an unquoted
service path v ...)
+ TODO: check
+CVE-2020-36976 (Acer Global Registration Service 1.0.0.3 contains an unquoted
service ...)
+ TODO: check
+CVE-2020-36975 (EPSON Status Monitor 3 version 8.0 contains an unquoted
service path v ...)
+ TODO: check
+CVE-2020-36974 (Realtek Andrea RT Filters 1.0.64.7 contains an unquoted
service path v ...)
+ TODO: check
+CVE-2020-36951 (Phpscript-sgh 0.1.0 contains a time-based blind SQL injection
vulnerab ...)
+ TODO: check
+CVE-2020-36950 (Laravel Nova 3.7.0 contains a denial of service vulnerability
that all ...)
+ TODO: check
+CVE-2020-36949 (TapinRadio 2.13.7 contains a denial of service vulnerability
in the ap ...)
+ TODO: check
+CVE-2020-36948 (VestaCP 0.9.8-26 contains a session token vulnerability in the
LoginAs ...)
+ TODO: check
+CVE-2020-36947 (LibreNMS 1.46 contains an authenticated SQL injection
vulnerability in ...)
+ TODO: check
+CVE-2020-36946 (SyncBreeze 10.0.28 contains a denial of service vulnerability
in the l ...)
+ TODO: check
+CVE-2020-36942 (Victor CMS 1.0 contains a file upload vulnerability that
allows authen ...)
+ TODO: check
+CVE-2020-36941 (Knockpy 4.1.1 contains a CSV injection vulnerability that
allows attac ...)
+ TODO: check
+CVE-2020-36940 (Easy CD & DVD Cover Creator 4.13 contains a buffer overflow
vulnerabil ...)
+ TODO: check
+CVE-2020-36939 (Cassandra Web 0.5.0 contains a directory traversal
vulnerability that ...)
+ TODO: check
+CVE-2020-36938 (WinAVR version 20100110 contains an insecure permissions
vulnerability ...)
+ TODO: check
+CVE-2026-24883 (In GnuPG before 2.5.17, a long signature packet length causes
parse_si ...)
- gnupg2 <unfixed>
NOTE: https://dev.gnupg.org/T8049
-CVE-2026-24882
+CVE-2026-24882 (In GnuPG before 2.5.17, a stack-based buffer overflow exists
in tpm2da ...)
- gnupg2 <unfixed>
NOTE: https://dev.gnupg.org/T8045
-CVE-2026-24881
+CVE-2026-24881 (In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData
message c ...)
- gnupg2 <not-affected> (Vulnerable code not present)
NOTE: https://dev.gnupg.org/T8044
-CVE-2025-11187 [Improper validation of PBMAC1 parameters in PKCS#12 MAC
verification]
+CVE-2025-11187 (Issue summary: PBMAC1 parameters in PKCS#12 files are missing
validati ...)
- openssl <unfixed>
[trixie] - openssl 3.5.4-1~deb13u2
[bookworm] - openssl <not-affected> (Vulnerable code introduced later)
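Review bot: the imported descriptions carry raw escape sequences instead of characters, and the fixed-width truncation cuts one of them in half: `CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric Composer\xe2\u ...)` ends in a broken `\xe2\u`, and `CVE-2026-0918 (The Tapo C220 v1 and C520WS v2 cameras\u2019 HTTP service ...)` has a literal `\u2019` for an apostrophe. The importer should decode the upstream summary to UTF-8 (or fold such punctuation to ASCII) before truncating, and truncate on character boundaries so no escape is split. Separately, the two new gnupg2 entries (CVE-2026-24883, CVE-2026-24882) are marked `<unfixed>` with only a dev.gnupg.org ticket as NOTE although both summaries say "before 2.5.17"; a "Fixed by" note or the fixed upstream version would make the later triage quicker. The block of CVE-2020-36974 through CVE-2020-36983 (unquoted service path issues in Windows-only applications such as Motorola Device Manager and EPSON Status Monitor 3) is a candidate for NOT-FOR-US once checked.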
@@ -16,7 +304,8 @@ CVE-2025-11187 [Improper validation of PBMAC1 parameters in
PKCS#12 MAC verifica
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/e1079bc17ed93ff16f6b86f33a2fe3336e78817e
(openssl-3.5.5)
NOTE: Testcases:
https://github.com/openssl/openssl/commit/4583982d252797c133ce4139b7f78d2942d2bcdb
(openssl-3.5.5)
NOTE: Testcases:
https://github.com/openssl/openssl/commit/c716acac5e0e2216bcf3ab54036f0ef31ebe1b52
(openssl-3.5.5)
-CVE-2025-15467 [Stack buffer overflow in CMS AuthEnvelopedData parsing]
+CVE-2025-15467 (Issue summary: Parsing CMS AuthEnvelopedData message with
maliciously ...)
+ {DSA-6113-1}
- openssl <unfixed>
[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
NOTE: https://openssl-library.org/news/secadv/20260127.txt
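Review bot: the line `+CVE-2025-15467 (Issue summary: Parsing CMS AuthEnvelopedData message with maliciously ...)` replaces the hand-written title `[Stack buffer overflow in CMS AuthEnvelopedData parsing]` with a truncated upstream summary that no longer names the bug class; the automatic import should keep an existing bracketed title rather than overwrite it (the same loss affects CVE-2025-11187 in the first hunk and the other openssl entries in the next one). Adding `{DSA-6113-1}` while leaving `- openssl <unfixed>` is consistent with the tracker convention that the DSA file supplies the stable fixed versions, so no change is needed there.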
@@ -26,58 +315,65 @@ CVE-2025-15467 [Stack buffer overflow in CMS
AuthEnvelopedData parsing]
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e
(openssl-3.0.19)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/cdccf8f2ef17ae020bd69360c43a39306b89c381
(openssl-3.0.19)
NOTE: Test:
https://github.com/openssl/openssl/commit/e0666f72294691a808443970b654412a6d92fa0f
(openssl-3.0.19)
-CVE-2025-15468 [NULL dereference in SSL_CIPHER_find() function on unknown
cipher ID]
+CVE-2025-15468 (Issue summary: If an application using the SSL_CIPHER_find()
function ...)
- openssl <unfixed>
[trixie] - openssl 3.5.4-1~deb13u2
[bookworm] - openssl <not-affected> (Vulnerable code introduced later)
[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65
(openssl-3.5.5)
-CVE-2025-15469 ["openssl dgst" one-shot codepath silently truncates inputs
>16MB]
+CVE-2025-15469 (Issue summary: The 'openssl dgst' command-line tool silently
truncates ...)
- openssl <unfixed>
[trixie] - openssl 3.5.4-1~deb13u2
[bookworm] - openssl <not-affected> (Vulnerable code introduced later)
[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/a7936fa4bd23c906e1955a16a0a0ab39a4953a61
(openssl-3.5.5)
-CVE-2025-66199 [TLS 1.3 CompressedCertificate excessive memory allocation]
+CVE-2025-66199 (Issue summary: A TLS 1.3 connection using certificate
compression can ...)
- openssl <unfixed>
[trixie] - openssl 3.5.4-1~deb13u2
[bookworm] - openssl <not-affected> (Vulnerable code introduced later)
[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5
(openssl-3.5.5)
-CVE-2025-68160 [Heap out-of-bounds write in BIO_f_linebuffer on short writes]
+CVE-2025-68160 (Issue summary: Writing large, newline-free data into a BIO
chain using ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6
(openssl-3.0.19)
-CVE-2025-69418 [Unauthenticated/unencrypted trailing bytes with low-level OCB
function calls]
+CVE-2025-69418 (Issue summary: When using the low-level OCB API directly with
AES-NI o ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347
(openssl-3.0.19)
-CVE-2025-69419 [Out of bounds write in PKCS12_get_friendlyname() UTF-8
conversion]
+CVE-2025-69419 (Issue summary: Calling PKCS12_get_friendlyname() function on a
malicio ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
(openssl-3.0.19)
-CVE-2025-69420 [Missing ASN1_TYPE validation in TS_RESP_verify_response()
function]
+CVE-2025-69420 (Issue summary: A type confusion vulnerability exists in the
TimeStamp ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a
(openssl-3.0.19)
-CVE-2025-69421 [NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
function]
+CVE-2025-69421 (Issue summary: Processing a malformed PKCS#12 file can trigger
a NULL ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7
(openssl-3.0.19)
-CVE-2026-22795 [Missing ASN1_TYPE validation in PKCS#12 parsing]
+CVE-2026-22795 (Issue summary: An invalid or NULL pointer dereference can
happen in an ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
(openssl-3.5.5)
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
(openssl-3.0.19)
-CVE-2026-22796 [ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes()
function]
+CVE-2026-22796 (Issue summary: A type confusion vulnerability exists in the
signature ...)
+ {DSA-6113-1}
- openssl <unfixed>
NOTE: https://openssl-library.org/news/secadv/20260127.txt
NOTE: Fixed by:
https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
(openssl-3.5.5)
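Review bot: the NOTE lines that open this hunk belong to CVE-2025-15467 and cite only openssl-3.0.19 commits (ce391702..., cdccf8f2..., plus the test commit), whereas every other openssl entry in the hunk lists both an openssl-3.5.5 and an openssl-3.0.19 fix; since CVE-2025-15467 carries `{DSA-6113-1}` and is only marked not-affected for bullseye, the corresponding 3.5.x fix commit should be recorded too so the trixie fix can be verified. The rewritten descriptions for CVE-2025-15469 and CVE-2025-69418 also drop details their bracket titles carried (the ">16MB" truncation threshold and "unauthenticated/unencrypted trailing bytes"); keeping the manual title where the truncated summary is less specific would preserve that information. CVE-2026-22795 and CVE-2026-22796 both cite commit 2502e7b7d4c0... for openssl-3.5.5, which is plausible for two ASN1_TYPE validation fixes in one commit but worth confirming against the advisory.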
@@ -39426,7 +39722,7 @@ CVE-2025-10228 (Session Fixation vulnerability in
Rolantis Information Technolog
CVE-2025-0033 (Improper access control within AMD SEV-SNP could allow an admin
privil ...)
- amd64-microcode <unfixed>
NOTE:
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3020.html
-CVE-2024-50571 (A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through
7.6.1, ...)
+CVE-2024-50571 (A heap-based buffer overflow vulnerability in Fortinet
FortiAnalyzer 7 ...)
NOT-FOR-US: Fortinet
CVE-2024-48891 (An Improper Neutralization of Special Elements used in an OS
Command ( ...)
NOT-FOR-US: Fortinet
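Review bot: the upstream record for CVE-2024-50571 changed the affected product from "FortiOS 7.6.0 through 7.6.1" to "FortiAnalyzer 7 ...", which is the kind of change that can invalidate an earlier triage; here the unchanged `NOT-FOR-US: Fortinet` line still holds because FortiAnalyzer is likewise a proprietary Fortinet product that Debian does not package, but a product change like this deserves a quick re-check rather than being passed through silently.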
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd571566e76ac96703cb1d5bceb3424bdc38fb80
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits