Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
90caa05d by Moritz Muehlenhoff at 2026-07-01T12:22:41+02:00
new activemq issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1648,11 +1648,14 @@ CVE-2026-58010 (A flaw was found in GLib. An off-by-one 
error can occur in the g
        NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5134 (2.88.1)
        NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5135 (2.86.5)
 CVE-2026-54475 (Missing Authorization vulnerability in Apache ActiveMQ Broker, 
Apache  ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/85f3q7mkh71y7qwyn6wvgw0bw4jl06ys
 CVE-2026-53917 (Memory Allocation with Excessive Size Value vulnerability in 
Apache Ac ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/grrd1mwgkgblqjbwkkq6dvmdxd9ov2dx
 CVE-2026-53916 (Memory Allocation with Excessive Size Value vulnerability in 
Apache Ac ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/07hjsj88hqgsb7vvg6ttsj56ts9vjs5n
 CVE-2026-53692 (Redeight CMS version 1.0 uses the MD5 algorithm without a salt 
to stor ...)
        NOT-FOR-US: Redeight CMS
 CVE-2026-53691 (An Unrestricted File Upload vulnerability in Redeight CMS 
version 1.0  ...)
@@ -1666,23 +1669,29 @@ CVE-2026-53432 (fzf is vulnerable toInteger Overflow 
leading to crash in FuzzyMa
        - fzf 0.73.1-1
        NOTE: Fixed by: 
https://github.com/junegunn/fzf/commit/ccedd064ca56921a4235219516b3d834f60e7b91 
(v0.73.0)
 CVE-2026-52760 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/d3mhyo2116nomz2lwxppyy4pclvdxq3n
 CVE-2026-50750 (Denial of Service via Out of Memory vulnerability in Apache 
ActiveMQ B ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/nhkmbdym61yp6wwy0dny8w1p46sm87kr
 CVE-2026-50734 (Memory Allocation with Excessive Size Value vulnerability in 
Apache Ac ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/nxso951fnvf72qf9m475mpz4yf931xk0
 CVE-2026-4629 (A flaw was found in Keycloak. A highly privileged user with 
`manage-cl ...)
        - keycloak <itp> (bug #1088287)
 CVE-2026-4360 (In the Tarfile.extract() function, the filter parameter is not 
passed  ...)
        TODO: check
 CVE-2026-49877 (Improper Authorization vulnerability in Apache ActiveMQ.  An 
authentic ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/w82vtc3q02j5ot94tnyy1197y3wb98hl
 CVE-2026-49451 (The OpenAPI.NET SDK contains a useful object model for OpenAPI 
documen ...)
        NOT-FOR-US: OpenAPI.NET SDK
 CVE-2026-49434 (Improper Input Validation vulnerability in Apache ActiveMQ 
Broker, Apa ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o
 CVE-2026-49432 (Improper Input Validation vulnerability in Apache ActiveMQ, 
Apache Act ...)
-       TODO: check
+       - activemq <unfixed>
+       NOTE: https://lists.apache.org/thread/fsjb26605syqr8xks249h8gkp86t55d2
 CVE-2026-48315 (ColdFusion versions 2025.9, 2023.20 and earlier are affected 
by an Imp ...)
        NOT-FOR-US: Adobe
 CVE-2026-48314 (ColdFusion versions 2025.9, 2023.20 and earlier are affected 
by an Imp ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90caa05dbe9bddd209c9b34e3c80eacf687be415

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90caa05dbe9bddd209c9b34e3c80eacf687be415
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to