Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
90caa05d by Moritz Muehlenhoff at 2026-07-01T12:22:41+02:00
new activemq issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1648,11 +1648,14 @@ CVE-2026-58010 (A flaw was found in GLib. An off-by-one
error can occur in the g
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5134 (2.88.1)
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5135 (2.86.5)
CVE-2026-54475 (Missing Authorization vulnerability in Apache ActiveMQ Broker,
Apache ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/85f3q7mkh71y7qwyn6wvgw0bw4jl06ys
CVE-2026-53917 (Memory Allocation with Excessive Size Value vulnerability in
Apache Ac ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/grrd1mwgkgblqjbwkkq6dvmdxd9ov2dx
CVE-2026-53916 (Memory Allocation with Excessive Size Value vulnerability in
Apache Ac ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/07hjsj88hqgsb7vvg6ttsj56ts9vjs5n
CVE-2026-53692 (Redeight CMS version 1.0 uses the MD5 algorithm without a salt
to stor ...)
NOT-FOR-US: Redeight CMS
CVE-2026-53691 (An Unrestricted File Upload vulnerability in Redeight CMS
version 1.0 ...)
@@ -1666,23 +1669,29 @@ CVE-2026-53432 (fzf is vulnerable toInteger Overflow
leading to crash in FuzzyMa
- fzf 0.73.1-1
NOTE: Fixed by:
https://github.com/junegunn/fzf/commit/ccedd064ca56921a4235219516b3d834f60e7b91
(v0.73.0)
CVE-2026-52760 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/d3mhyo2116nomz2lwxppyy4pclvdxq3n
CVE-2026-50750 (Denial of Service via Out of Memory vulnerability in Apache
ActiveMQ B ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/nhkmbdym61yp6wwy0dny8w1p46sm87kr
CVE-2026-50734 (Memory Allocation with Excessive Size Value vulnerability in
Apache Ac ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/nxso951fnvf72qf9m475mpz4yf931xk0
CVE-2026-4629 (A flaw was found in Keycloak. A highly privileged user with
`manage-cl ...)
- keycloak <itp> (bug #1088287)
CVE-2026-4360 (In the Tarfile.extract() function, the filter parameter is not
passed ...)
TODO: check
CVE-2026-49877 (Improper Authorization vulnerability in Apache ActiveMQ. An
authentic ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/w82vtc3q02j5ot94tnyy1197y3wb98hl
CVE-2026-49451 (The OpenAPI.NET SDK contains a useful object model for OpenAPI
documen ...)
NOT-FOR-US: OpenAPI.NET SDK
CVE-2026-49434 (Improper Input Validation vulnerability in Apache ActiveMQ
Broker, Apa ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o
CVE-2026-49432 (Improper Input Validation vulnerability in Apache ActiveMQ,
Apache Act ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://lists.apache.org/thread/fsjb26605syqr8xks249h8gkp86t55d2
CVE-2026-48315 (ColdFusion versions 2025.9, 2023.20 and earlier are affected
by an Imp ...)
NOT-FOR-US: Adobe
CVE-2026-48314 (ColdFusion versions 2025.9, 2023.20 and earlier are affected
by an Imp ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90caa05dbe9bddd209c9b34e3c80eacf687be415
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90caa05dbe9bddd209c9b34e3c80eacf687be415
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits