[Git][security-tracker-team/security-tracker][master] Add new set of opencascade issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 2 09:02:57 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6317f10d by Salvatore Bonaccorso at 2026-05-02T10:02:37+02:00
Add new set of opencascade issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -168,17 +168,23 @@ CVE-2026-42482 (A stack-based buffer overflow in mangle_to_hex_lower() and mangl
 	NOTE: https://gist.github.com/sgInnora/107f2eb20367e47d58c911e38d56a91f
 	TODO: check upstream details
 CVE-2026-42481 (Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabil ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42480 (A stack-based out-of-bounds read vulnerability in VrmlData_Scene::Read ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42479 (An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42478 (An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42477 (A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42476 (Two heap-based out-of-bounds read vulnerabilities in the STL ASCII fil ...)
-	TODO: check
+	- opencascade <unfixed>
+	NOTE: https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a
 CVE-2026-42475 (SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via cr ...)
 	NOT-FOR-US: MixPHP Framework
 CVE-2026-42474 (SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via cr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6317f10d4b5fc8b8ad046eee9897aa91b5a52a53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6317f10d4b5fc8b8ad046eee9897aa91b5a52a53
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260502/892d4cad/attachment.htm>

More information about the debian-security-tracker-commits mailing list