[Git][security-tracker-team/security-tracker][master] Add set of new libstb issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 2 15:35:36 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0e56b655 by Salvatore Bonaccorso at 2026-04-02T16:34:55+02:00
Add set of new libstb issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46,15 +46,20 @@ CVE-2026-5318 (A weakness has been identified in LibRaw up to 0.22.0. This impac
NOTE: https://github.com/LibRaw/LibRaw/issues/794
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/a6734e867b19d75367c05f872ac26322464e3995
CVE-2026-5317 (A security flaw has been discovered in Nothings stb up to 1.22. This a ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-5316 (A vulnerability was identified in Nothings stb up to 1.22. The impacte ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-5315 (A vulnerability was determined in Nothings stb up to 1.26. The affecte ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-5314 (A vulnerability was found in Nothings stb up to 1.26. Impacted is the ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-5313 (A vulnerability has been found in Nothings stb up to 2.30. This issue ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-5312 (A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, ...)
NOT-FOR-US: D-Link
CVE-2026-5311 (A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-3 ...)
@@ -572,7 +577,8 @@ CVE-2026-5195 (A flaw has been found in code-projects Student Membership System
CVE-2026-5190 (Out-of-bounds write in the streaming decoder component in aws-c-event- ...)
NOT-FOR-US: Amazon
CVE-2026-5186 (A weakness has been identified in Nothings stb up to 2.30. This impact ...)
- TODO: check
+ - libstb <unfixed>
+ TODO: check upstream details
CVE-2026-4947 (Addressed a potential insecure direct object reference (IDOR) vulnerab ...)
NOT-FOR-US: Foxit
CVE-2026-4819 (In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e56b65512f3b223cf84c5a43cb996a3b4b94130
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e56b65512f3b223cf84c5a43cb996a3b4b94130
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260402/74329db5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list