Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d06cb34f by Salvatore Bonaccorso at 2026-06-05T00:02:53+02:00
Add new rlottie issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -67,7 +67,8 @@ CVE-2026-4104 (Authorization bypass through User-Controlled
SQL primary key vuln
CVE-2026-49771 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-49510 (Integer overflow or wraparound vulnerability in Samsung Open
Source rl ...)
- TODO: check
+ - rlottie <unfixed>
+ NOTE: https://github.com/Samsung/rlottie/pull/592
CVE-2026-49204 (Leftover debug modules contain fixed credentials for internal
AWS Cogn ...)
NOT-FOR-US: Acer
CVE-2026-49203 (Crucial management API endpoints for cellular eSIM allocation
do not v ...)
@@ -105,13 +106,20 @@ CVE-2026-47707 (Strawberry GraphQL is a library for
creating GraphQL APIs. In ve
CVE-2026-47706 (Strawberry GraphQL is a library for creating GraphQL APIs. In
versions ...)
NOT-FOR-US: Strawberry GraphQL
CVE-2026-47320 (Access of uninitialized pointer, Uncontrolled Recursion
vulnerability ...)
- TODO: check
+ - rlottie <unfixed>
+ NOTE: https://github.com/Samsung/rlottie/pull/593
CVE-2026-47319 (Memory allocation with excessive size value vulnerability in
Samsung O ...)
- TODO: check
+ - rlottie <unfixed>
+ NOTE: https://github.com/Samsung/rlottie/pull/588
+ NOTE:
https://github.com/Samsung/rlottie/commit/5def9f402b1cb5b09f52655e414f0afba4ffd959
CVE-2026-47318 (Stack-based buffer overflow vulnerability in Samsung Open
Source rlott ...)
- TODO: check
+ - rlottie <unfixed>
+ NOTE: https://github.com/Samsung/rlottie/pull/582
+ NOTE:
https://github.com/Samsung/rlottie/commit/9e4f354f6ebdf294738ef7abf1728f40889c2c51
CVE-2026-47306 (Uncontrolled Recursion vulnerability in Samsung Open Source
rlottie al ...)
- TODO: check
+ - rlottie <unfixed>
+ NOTE: https://github.com/Samsung/rlottie/pull/585
+ NOTE:
https://github.com/Samsung/rlottie/commit/1cda06022e53206c230fb0c6e38b2adaea729a5d
CVE-2026-45739 (Strawberry GraphQL is a library for creating GraphQL APIs. In
versions ...)
NOT-FOR-US: Strawberry GraphQL
CVE-2026-45433 (This vulnerability exists in GX Earth 2022 ONT models due to
the prese ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d06cb34fc33b621b3bf85c1e3f3e43f789ae19d1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d06cb34fc33b621b3bf85c1e3f3e43f789ae19d1
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
