Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d95ef293 by Salvatore Bonaccorso at 2026-07-09T08:39:08+02:00
Add two new ImageMagick issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -319,9 +319,13 @@ CVE-2026-56775 (n8n before 1.123.55, 2.25.7, and 2.26.2
contains an authorizatio
CVE-2026-56401 (Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null
pointer derefe ...)
NOT-FOR-US: Wazuh
CVE-2026-56374 (ImageMagick before 7.1.2-19 contains a heap buffer overflow
vulnerabil ...)
- TODO: check
+ - imagemagick 8:7.1.2.19+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w54j-7wpm-crhj
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/22aef933133770706caafb93f814f5306dcca345
(7.1.2-19)
CVE-2026-56362 (ImageMagick before 7.1.2-15 contains a heap-buffer-overflow
read vulne ...)
- TODO: check
+ - imagemagick <undetermined>
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gq5v-qf8q-fp77
+ TODO: chedk fixing commit
CVE-2026-56360 (n8n before versions 1.123.18 and 2.6.2 fails to verify
HMAC-SHA256 sig ...)
TODO: check
CVE-2026-56359 (n8n before 2.8.0 contains a cross-site scripting vulnerability
in the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d95ef293c406dd35fe264182d3078c54a503de55
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d95ef293c406dd35fe264182d3078c54a503de55
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits