[Git][security-tracker-team/security-tracker][master] CVE assigned for one varnish issue

Wed, 03 Jun 2026 00:24:25 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2b82269f by Salvatore Bonaccorso at 2026-06-03T09:23:52+02:00
CVE assigned for one varnish issue

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16,8 +16,6 @@ CVE-2026-5074 (The ARMember Premium plugin for WordPress is 
vulnerable to SQL In
        NOT-FOR-US: WordPress plugin
 CVE-2026-5073 (The ARMember Premium plugin for WordPress is vulnerable to SQL 
Injecti ...)
        NOT-FOR-US: WordPress plugin
-CVE-2026-50052 (In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a 
deficien ...)
-       TODO: check
 CVE-2026-50031 (ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer 
overflows on ...)
        TODO: check
 CVE-2026-49448 (authentik is an open-source identity provider. Prior to 
versions 2025. ...)
@@ -10211,9 +10209,8 @@ CVE-2026-8946 (Incorrect boundary conditions in the 
Audio/Video: Web Codecs comp
 CVE-2026-8945 (Sandbox escape in Firefox and Firefox Focus for Android. This 
vulnerab ...)
        - firefox <not-affected> (Only affects Firefox on Android)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8945
-CVE-2026-XXXX [VSV00019]
+CVE-2026-50052 [VSV00019]
        - varnish <unfixed>
-       [trixie] - varnish 7.7.0-3+deb13u1
        [bookworm] - varnish <not-affected> (Vulnerable code not present, 
introduced in 7.6)
        [bullseye] - varnish <not-affected> (Vulnerable code not present, 
introduced in 7.6)
        NOTE: https://vinyl-cache.org/security/VSV00019.html


=====================================
data/DSA/list
=====================================
@@ -53,7 +53,7 @@
        {CVE-2026-33278 CVE-2026-42944 CVE-2026-42959 CVE-2026-32792 
CVE-2026-40622 CVE-2026-41292 CVE-2026-42534 CVE-2026-42923 CVE-2026-42960 
CVE-2026-44390 CVE-2026-44608}
        [trixie] - unbound 1.22.0-2+deb13u3
 [27 May 2026] DSA-6303-1 varnish - security update
-       {CVE-2025-8671}
+       {CVE-2025-8671 CVE-2026-50052}
        [trixie] - varnish 7.7.0-3+deb13u1
 [27 May 2026] DSA-6302-1 starlette - security update
        {CVE-2026-48710}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b82269f37ca4da29158d4afe65f020080d36c50

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b82269f37ca4da29158d4afe65f020080d36c50
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to