[Git][security-tracker-team/security-tracker][master] Reference upstream issues for gvfs's CVE-2026-28295 and CVE-2026-28296
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 26 21:56:18 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7baa945e by Salvatore Bonaccorso at 2026-02-26T22:55:39+01:00
Reference upstream issues for gvfs's CVE-2026-28295 and CVE-2026-28296
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12,10 +12,10 @@ CVE-2026-2244 (A vulnerability in Google Cloud Vertex AI Workbench from7/21/2025
NOT-FOR-US: Google Cloud Vertex AI Workbench
CVE-2026-28296 (A flaw was found in the FTP GVfs backend. A remote attacker could expl ...)
- gvfs <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443003
+ NOTE: https://gitlab.gnome.org/GNOME/gvfs/-/issues/833
CVE-2026-28295 (A flaw was found in the FTP GVfs backend. A malicious FTP server can e ...)
- gvfs <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443004
+ NOTE: https://gitlab.gnome.org/GNOME/gvfs/-/issues/832
CVE-2026-28138 (Deserialization of Untrusted Data vulnerability in Stylemix uListing u ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-28136 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7baa945e5601f07ad635820e5df77c4abca74e1e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7baa945e5601f07ad635820e5df77c4abca74e1e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260226/af6c8330/attachment.htm>
More information about the debian-security-tracker-commits
mailing list