Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3aefc907 by Moritz Muehlenhoff at 2026-06-27T13:40:14+02:00
new gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1073,9 +1073,11 @@ CVE-2025-71327 (Flowise contains an authentication 
bypass vulnerability in the u
 CVE-2025-71324 (Flowise before 3.0.6 contains an arbitrary file read 
vulnerability in  ...)
        NOT-FOR-US: Flowise
 CVE-2025-60465 (A use-after-free in the gf_filter_pid_inst_swap function 
(/filter_core ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60464 (A use-after-free in the gf_sei_load_from_state_internal 
function (/fil ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-10268 (The Printcart Web to Print Product Designer for WooCommerce 
WordPress  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-47987 (Parse Server before 4.10.0 was affected by a supply chain 
incident in  ...)
@@ -2727,17 +2729,23 @@ CVE-2025-8106
 CVE-2025-64719 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, a mal ...)
        TODO: check
 CVE-2025-60474 (A buffer overflow in the gf_media_import function 
(/media_tools/av_par ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60473 (A NULL pointer dereference in the gf_filter_in_parent_chain 
function ( ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60471 (A use-after-free in the gf_filter_pid_reconfigure_task_discard 
functio ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60468 (GPAC Multimedia Open Source Project GPAC Project/MP4Box 
2.5-DEV-rev159 ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60467 (A use-after-free in the gf_filter_pid_inst_swap_delete_task 
function ( ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2025-60466 (A use-after-free in the gf_filter_pid_get_packet function 
(/filter_cor ...)
-       TODO: check
+       - gpac <removed>
+       [bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
 CVE-2026-13201 (A flaw was found in KubeVirt's safepath package used by 
virt-handler.  ...)
        NOT-FOR-US: KubeVirt
 CVE-2026-13208 (A flaw was found in KubeVirt's virt-handler domain notify 
server. The  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3aefc907756b5acdcc05dab40286ee15f0c7a749

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3aefc907756b5acdcc05dab40286ee15f0c7a749
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to