[Git][security-tracker-team/security-tracker][master] new gst-plugins-bad1.0 issues / NFU

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 16 08:35:39 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79dae99c by Moritz Muehlenhoff at 2026-06-16T09:34:28+02:00
new gst-plugins-bad1.0 issues / NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,9 +39,13 @@ CVE-2026-53430 (Improper Handling of Highly Compressed Data (Data Amplification)
 CVE-2026-52722 (A signed integer overflow vulnerability was found in GStreamer's VMnc  ...)
 	TODO: check
 CVE-2026-52721 (Multiple out-of-bounds read vulnerabilities were found in GStreamer's  ...)
-	TODO: check
+	- gst-plugins-bad1.0 <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2486732
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5106 (private)
 CVE-2026-52720 (A heap buffer overflow vulnerability was found in GStreamer's librfb ( ...)
-	TODO: check
+	- gst-plugins-bad1.0 <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2486731
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5105 (private)
 CVE-2026-52703 (Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-52702 (Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17  ...)
@@ -734,7 +738,7 @@ CVE-2026-48969 (Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 v
 CVE-2026-47777 (Mastodon is a free, open-source social network server based on Activit ...)
 	- mastodon <itp> (bug #859741)
 CVE-2026-44188 (A flaw was found in Ansible Lightspeed. This vulnerability, related to ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Ansible Automation Platform
 CVE-2026-34030 (TheWertheim SafeController Software, AssemblyVersion 6.15.8328.28014,  ...)
 	NOT-FOR-US: Wertheim SafeController Software
 CVE-2026-34029 (TheWertheim SafeController Software, AssemblyVersion 6.15.8328.28014,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79dae99cbedd37415bcb60a7eaaef0e41f777ae2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79dae99cbedd37415bcb60a7eaaef0e41f777ae2
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260616/ea459e01/attachment.htm>

More information about the debian-security-tracker-commits mailing list