{"@context":"https://openvex.dev/ns/v0.2.0","@id":"pkg:docker/synthetics-private-location-worker-fips@1.67.0","author":"security@datadoghq.com","author_role":"Vulnerability Management","last_updated":"2026-05-14T11:43:47.937016643Z","statements":[{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.232231Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.232231Z","products":[{"@id":"pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.232231Z","vulnerability":{"name":"CVE-2024-56433"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.233476Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.233476Z","products":[{"@id":"pkg:npm/request@2.88.2"}],"status":"affected","timestamp":"2026-05-14T11:37:19.233475Z","vulnerability":{"name":"CVE-2023-28155"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.234134Z","impact_statement":"Firefox does not support JPEG 2000 and does not invoke FFmpeg's jpeg2000dec decoder. The channel definition cdef atom is a JPEG 2000 container construct that would only be processed by explicitly running FFmpeg against a crafted JPEG 2000 file. No such execution path exists in the Synthetics Worker.","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T11:37:19.234134Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.234134Z","vulnerability":{"name":"CVE-2025-9951"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.235737Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.235737Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.235736Z","vulnerability":{"name":"CVE-2024-2236"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.236384Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.236384Z","products":[{"@id":"pkg:deb/ubuntu/libjpeg-turbo8@2.1.5-2ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libjpeg-turbo"}],"status":"affected","timestamp":"2026-05-14T11:37:19.236383Z","vulnerability":{"name":"CVE-2018-10126"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.237305Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.237305Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.237304Z","vulnerability":{"name":"CVE-2024-41996"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.238037Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.238037Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.238037Z","vulnerability":{"name":"CVE-2024-32228"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.239044Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.239044Z","products":[{"@id":"pkg:deb/ubuntu/wget@1.21.4-1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.239044Z","vulnerability":{"name":"CVE-2024-10524"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.239121Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.239121Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.239121Z","vulnerability":{"name":"CVE-2024-31578"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.239211Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.239211Z","products":[{"@id":"pkg:deb/ubuntu/libcairo2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"},{"@id":"pkg:deb/ubuntu/libcairo-gobject2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.239211Z","vulnerability":{"name":"CVE-2018-18064"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.239258Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.239258Z","products":[{"@id":"pkg:deb/ubuntu/libzvbi0t64@0.2.42-2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zvbi"},{"@id":"pkg:deb/ubuntu/libzvbi-common@0.2.42-2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=zvbi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.239258Z","vulnerability":{"name":"CVE-2025-2173"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.239306Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.239306Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.239306Z","vulnerability":{"name":"CVE-2023-49502"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.241859Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.241859Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.241859Z","vulnerability":{"name":"CVE-2024-35368"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.242522Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.242521Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.242521Z","vulnerability":{"name":"CVE-2024-35365"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.243609Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.243609Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.243608Z","vulnerability":{"name":"CVE-2024-35366"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.243724Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.243724Z","products":[{"@id":"pkg:deb/ubuntu/libopenjp2-7@2.5.0-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openjpeg2"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.243724Z","vulnerability":{"name":"CVE-2019-6988"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.24375Z","impact_statement":"libx264 is an H.264 video encoder library. The attack vector described (RCE via a crafted AAC audio file) represents an unusual cross-format exploitation path that would require libx264 to process an AAC audio stream directly — a scenario that does not occur during normal H.264 encoding operations. In the Synthetics Worker, libx264 is a transitive dependency of libavcodec-extra; Firefox may use it for H.264 video encoding in limited contexts (e.g., getUserMedia/WebRTC), but the Synthetics Worker does not execute WebRTC sessions nor does it process untrusted AAC files through any pipeline that routes to libx264. The exploitation path (attacker-supplied AAC → libx264 memory corruption) cannot be triggered by the Synthetics Worker's operational model.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.24375Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libx264-164@2%3A0.164.3108%2Bgit31e19f9-1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=x264"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.24375Z","vulnerability":{"name":"CVE-2025-25467"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.243854Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.243854Z","products":[{"@id":"pkg:deb/ubuntu/libzvbi0t64@0.2.42-2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zvbi"},{"@id":"pkg:deb/ubuntu/libzvbi-common@0.2.42-2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=zvbi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.243854Z","vulnerability":{"name":"CVE-2025-2174"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.24592Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.245919Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.245918Z","vulnerability":{"name":"CVE-2024-35367"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.246861Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.246861Z","products":[{"@id":"pkg:deb/ubuntu/libcairo2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"},{"@id":"pkg:deb/ubuntu/libcairo-gobject2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.246861Z","vulnerability":{"name":"CVE-2017-7475"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.246902Z","impact_statement":"The TTY (TeleTYpe/terminal output capture) demuxer in FFmpeg processes a niche format entirely unrelated to web content or browser media. Firefox's media pipeline does not call FFmpeg's TTY demuxer. This code path requires that FFmpeg's demuxer subsystem be invoked on TTY-format input, which cannot occur during the Synthetics Worker's browser-based test execution.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.246902Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.246902Z","vulnerability":{"name":"CVE-2023-6602"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.247009Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.247009Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.247009Z","vulnerability":{"name":"CVE-2024-32230"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.247077Z","impact_statement":"Firefox has never supported JPEG 2000 image/video decoding (the format was only supported in Safari/WebKit). No web content served during Synthetics Worker test execution would cause Firefox to invoke FFmpeg's jpeg2000dec decoder.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.247077Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.247077Z","vulnerability":{"name":"CVE-2025-22921"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.247152Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.247152Z","products":[{"@id":"pkg:deb/ubuntu/wget@1.21.4-1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.247152Z","vulnerability":{"name":"CVE-2021-31879"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.248018Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.248018Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.248017Z","vulnerability":{"name":"CVE-2026-42010"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.248609Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.248609Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.248609Z","vulnerability":{"name":"CVE-2025-27587"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.24935Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.24935Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.24935Z","vulnerability":{"name":"CVE-2025-45582"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.249492Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.249492Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.249492Z","vulnerability":{"name":"CVE-2024-7055"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.249575Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.249575Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.249574Z","vulnerability":{"name":"CVE-2025-0518"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.25143Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.25143Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.25143Z","vulnerability":{"name":"CVE-2025-1594"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.251516Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.251515Z","products":[{"@id":"pkg:npm/basic-ftp@5.3.0"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.251515Z","vulnerability":{"name":"CVE-2026-44240"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.251541Z","impact_statement":"XBIN (eXtended BINary) is a text-art/ANSI art container format with no presence in web content. No web browser invokes FFmpeg's XBIN demuxer during normal browsing. The Synthetics Worker processes HTML pages and web assets through the browser runtime; it does not call FFmpeg's format detection or demuxing stack on any content. This attack vector (feeding arbitrary data to FFmpeg's demuxer) cannot be exercised in this deployment.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.251541Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.25154Z","vulnerability":{"name":"CVE-2023-6604"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.25161Z","impact_statement":"avformat_free_context() is an FFmpeg-specific API call used to release AVFormatContext objects in applications that directly use libavformat. Firefox does not call FFmpeg's avformat_free_context(), it manages its own media context lifecycle via its native Gecko media framework.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.25161Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.25161Z","vulnerability":{"name":"CVE-2025-25473"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.252332Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.252332Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"affected","timestamp":"2026-05-14T11:37:19.252332Z","vulnerability":{"name":"CVE-2026-40355"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.253898Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.253898Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"affected","timestamp":"2026-05-14T11:37:19.253898Z","vulnerability":{"name":"CVE-2026-40356"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.25413Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.25413Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.25413Z","vulnerability":{"name":"CVE-2025-7700"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.2542Z","impact_statement":"Firefox implements MPEG-DASH adaptive streaming natively through its Gecko media engine and does not delegate DASH playlist fetching or parsing to FFmpeg's libavformat DASH demuxer. The SSRF in this CVE requires that FFmpeg actively fetch URLs specified in a DASH manifest this requires FFmpeg to be directly invoked with network I/O enabled on untrusted input, which never occurs in this deployment","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.2542Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.2542Z","vulnerability":{"name":"CVE-2023-6605"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.254284Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.254282Z","products":[{"@id":"pkg:deb/ubuntu/libzvbi0t64@0.2.42-2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zvbi"},{"@id":"pkg:deb/ubuntu/libzvbi-common@0.2.42-2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=zvbi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.254282Z","vulnerability":{"name":"CVE-2025-2175"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.254333Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.254332Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.254332Z","vulnerability":{"name":"CVE-2026-3833"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.254363Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.254363Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.254362Z","vulnerability":{"name":"CVE-2025-63757"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.257745Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.257745Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.257743Z","vulnerability":{"name":"CVE-2026-34978"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.257795Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.257795Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.257795Z","vulnerability":{"name":"CVE-2026-39820"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.257954Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.257954Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.257954Z","vulnerability":{"name":"CVE-2025-59375"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258085Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258085Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.258085Z","vulnerability":{"name":"CVE-2025-5278"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258122Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258122Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.258122Z","vulnerability":{"name":"CVE-2025-22919"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258205Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258205Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.258204Z","vulnerability":{"name":"CVE-2026-33846"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258233Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258233Z","products":[{"@id":"pkg:deb/ubuntu/libzvbi0t64@0.2.42-2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zvbi"},{"@id":"pkg:deb/ubuntu/libzvbi-common@0.2.42-2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=zvbi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.258233Z","vulnerability":{"name":"CVE-2025-2177"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258637Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258637Z","products":[{"@id":"pkg:deb/ubuntu/libzvbi0t64@0.2.42-2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zvbi"},{"@id":"pkg:deb/ubuntu/libzvbi-common@0.2.42-2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=zvbi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.258637Z","vulnerability":{"name":"CVE-2025-2176"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.258957Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.258956Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.258956Z","vulnerability":{"name":"CVE-2024-36616"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259174Z","impact_statement":"The ffmpeg-related packages identified in the scan are transitive dependencies introduced through the browser components used by the Synthetics worker. They are not directly invoked by Datadog application code, but are installed as part of the underlying operating system and Chrome dependencies required for browser-based test execution.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.259174Z","products":[{"@id":"pkg:deb/ubuntu/libelf1t64@0.190-1.1ubuntu0.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=elfutils"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.259174Z","vulnerability":{"name":"CVE-2025-1352"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259208Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259207Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.259207Z","vulnerability":{"name":"CVE-2026-6385"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259287Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259287Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.259286Z","vulnerability":{"name":"CVE-2026-4437"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259352Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259352Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.259352Z","vulnerability":{"name":"CVE-2026-4046"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259431Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259431Z","products":[{"@id":"pkg:deb/ubuntu/libopenjp2-7@2.5.0-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openjpeg2"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.259431Z","vulnerability":{"name":"CVE-2023-39329"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259458Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259458Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.259458Z","vulnerability":{"name":"CVE-2026-4739"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259489Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259489Z","products":[{"@id":"pkg:deb/ubuntu/libpixman-1-0@0.42.2-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pixman"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.259488Z","vulnerability":{"name":"CVE-2023-37769"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.259779Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.259778Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.259778Z","vulnerability":{"name":"CVE-2026-34979"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.260006Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.260005Z","products":[{"@id":"pkg:npm/ip-address@5.9.4"},{"@id":"pkg:npm/ip-address@9.0.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.260005Z","vulnerability":{"name":"CVE-2026-42338"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261151Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261151Z","products":[{"@id":"pkg:deb/ubuntu/libpng16-16t64@1.6.43-5ubuntu0.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libpng1.6"}],"status":"affected","timestamp":"2026-05-14T11:37:19.26115Z","vulnerability":{"name":"CVE-2026-33416"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261204Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261204Z","products":[{"@id":"pkg:npm/fast-uri@3.1.0"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.261203Z","vulnerability":{"name":"CVE-2026-6321"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261296Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261296Z","products":[{"@id":"pkg:deb/ubuntu/libpng16-16t64@1.6.43-5ubuntu0.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libpng1.6"}],"status":"affected","timestamp":"2026-05-14T11:37:19.261296Z","vulnerability":{"name":"CVE-2026-33636"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261341Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261341Z","products":[{"@id":"pkg:deb/ubuntu/libharfbuzz0b@8.3.0-2build2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=harfbuzz"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.261341Z","vulnerability":{"name":"CVE-2026-22693"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.26138Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261379Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.261379Z","vulnerability":{"name":"CVE-2026-30999"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261601Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261601Z","products":[{"@id":"pkg:deb/ubuntu/libtiff6@4.5.1%2Bgit230720-4ubuntu2.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=tiff"}],"status":"affected","timestamp":"2026-05-14T11:37:19.2616Z","vulnerability":{"name":"CVE-2026-4775"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261696Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261695Z","products":[{"@id":"pkg:npm/fast-uri@3.1.0"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.261695Z","vulnerability":{"name":"CVE-2026-6322"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261847Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261847Z","products":[{"@id":"pkg:deb/ubuntu/libgbm1@25.2.8-0ubuntu0.24.04.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=mesa"},{"@id":"pkg:deb/ubuntu/mesa-libgallium@25.2.8-0ubuntu0.24.04.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=mesa"}],"status":"affected","timestamp":"2026-05-14T11:37:19.261846Z","vulnerability":{"name":"CVE-2026-40393"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.261917Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.261917Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.261917Z","vulnerability":{"name":"CVE-2026-30997"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262012Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262012Z","products":[{"@id":"pkg:deb/ubuntu/libxml2@2.9.14%2Bdfsg-1.3ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.262012Z","vulnerability":{"name":"CVE-2026-6732"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262048Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262048Z","products":[{"@id":"pkg:deb/ubuntu/xdg-utils@1.1.3-4.1ubuntu3?arch=all\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.262047Z","vulnerability":{"name":"CVE-2025-52968"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262088Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262088Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.262088Z","vulnerability":{"name":"CVE-2016-2781"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262127Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262127Z","products":[{"@id":"pkg:npm/fast-xml-parser@5.3.8"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.262126Z","vulnerability":{"name":"CVE-2026-33349"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262158Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262158Z","products":[{"@id":"pkg:deb/ubuntu/libavahi-client3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common-data@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.262158Z","vulnerability":{"name":"CVE-2025-59529"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.262239Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.262239Z","products":[{"@id":"pkg:deb/ubuntu/libavahi-client3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common-data@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.262238Z","vulnerability":{"name":"CVE-2024-52616"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263049Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263049Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263049Z","vulnerability":{"name":"CVE-2026-5450"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263151Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263151Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263151Z","vulnerability":{"name":"CVE-2026-30998"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263262Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263262Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263261Z","vulnerability":{"name":"CVE-2026-33845"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263292Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263292Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263292Z","vulnerability":{"name":"CVE-2026-5928"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.26336Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263359Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.263359Z","vulnerability":{"name":"CVE-2026-42499"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263414Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263414Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263414Z","vulnerability":{"name":"CVE-2026-5435"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263445Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263445Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263445Z","vulnerability":{"name":"CVE-2026-6238"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263562Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263562Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.263562Z","vulnerability":{"name":"CVE-2026-4438"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.263626Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.263626Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.263625Z","vulnerability":{"name":"CVE-2026-40225"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.266825Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.266825Z","products":[{"@id":"pkg:deb/ubuntu/libavahi-client3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common-data@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.266824Z","vulnerability":{"name":"CVE-2026-24401"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480647Z","products":[{"@id":"pkg:deb/ubuntu/libtiff6@4.5.1%2Bgit230720-4ubuntu2.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=tiff"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480647Z","vulnerability":{"name":"CVE-2025-61143"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480652Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480652Z","vulnerability":{"name":"CVE-2026-27144"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480658Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480658Z","vulnerability":{"name":"CVE-2026-4873"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480668Z","products":[{"@id":"pkg:deb/ubuntu/sed@4.9-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480668Z","vulnerability":{"name":"CVE-2026-5958"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480673Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480673Z","vulnerability":{"name":"CVE-2026-6276"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.267664Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.267664Z","products":[{"@id":"pkg:deb/ubuntu/libncurses6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"affected","timestamp":"2026-05-14T11:37:19.267664Z","vulnerability":{"name":"CVE-2025-6141"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268161Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268161Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.268161Z","vulnerability":{"name":"CVE-2026-43916"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268253Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268253Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"affected","timestamp":"2026-05-14T11:37:19.268253Z","vulnerability":{"name":"CVE-2024-10041"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268338Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268338Z","products":[{"@id":"pkg:deb/ubuntu/libavahi-client3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common-data@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.268338Z","vulnerability":{"name":"CVE-2024-52615"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268418Z","impact_statement":"Firefox implements HLS (HTTP Live Streaming) via its own native Gecko media pipeline and does not route HLS stream parsing through FFmpeg's HLS demuxer. The libavcodec-extra package is installed as a system codec library but Firefox does not invoke libavformat's HLS demuxer module. Application code has no direct FFmpeg API calls. The extension-bypass attack requires that FFmpeg's demuxer be invoked directly on attacker-controlled input, a condition that cannot be met in this deployment.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.268417Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.268417Z","vulnerability":{"name":"CVE-2023-6601"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268724Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268724Z","products":[{"@id":"pkg:npm/fast-xml-parser@5.3.8"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.268724Z","vulnerability":{"name":"CVE-2026-33036"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268904Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268904Z","products":[{"@id":"pkg:npm/fast-xml-parser@5.3.8"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.268904Z","vulnerability":{"name":"CVE-2026-41650"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.268969Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.268969Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.268969Z","vulnerability":{"name":"CVE-2026-33814"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.269022Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.269022Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.269022Z","vulnerability":{"name":"CVE-2024-36618"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271279Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271279Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.271279Z","vulnerability":{"name":"CVE-2024-36619"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271652Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271651Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.271651Z","vulnerability":{"name":"CVE-2026-3832"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271686Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271685Z","products":[{"@id":"pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils"}],"status":"affected","timestamp":"2026-05-14T11:37:19.271685Z","vulnerability":{"name":"CVE-2026-34743"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.27174Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.27174Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.27174Z","vulnerability":{"name":"CVE-2026-39836"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271785Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271784Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.271784Z","vulnerability":{"name":"CVE-2023-49501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271865Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271864Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.271864Z","vulnerability":{"name":"CVE-2026-41080"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271895Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271895Z","products":[{"@id":"pkg:deb/ubuntu/mtr-tiny@0.95-1.1ubuntu0.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=mtr"}],"status":"affected","timestamp":"2026-05-14T11:37:19.271895Z","vulnerability":{"name":"CVE-2025-49809"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.271924Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.271924Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.271924Z","vulnerability":{"name":"CVE-2026-5704"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.272555Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.272555Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.272555Z","vulnerability":{"name":"CVE-2024-36613"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.272832Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.272832Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.272831Z","vulnerability":{"name":"CVE-2023-50008"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.27351Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.27351Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/locales@2.39-0ubuntu8.7?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T11:37:19.27351Z","vulnerability":{"name":"CVE-2016-20013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273593Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273592Z","products":[{"@id":"pkg:deb/ubuntu/libjxl0.7@0.7.0-10.2ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=jpeg-xl"}],"status":"affected","timestamp":"2026-05-14T11:37:19.273592Z","vulnerability":{"name":"CVE-2021-36691"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273625Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273624Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.273624Z","vulnerability":{"name":"CVE-2026-42011"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273653Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273653Z","products":[{"@id":"pkg:npm/brace-expansion@5.0.2"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.273653Z","vulnerability":{"name":"CVE-2026-33750"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273678Z","impact_statement":"The ffmpeg-related packages identified in the scan are transitive dependencies introduced through the browser components used by the Synthetics worker. They are not directly invoked by Datadog application code, but are installed as part of the underlying operating system and Chrome dependencies required for browser-based test execution.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.273678Z","products":[{"@id":"pkg:deb/ubuntu/xdg-utils@1.1.3-4.1ubuntu3?arch=all\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.273678Z","vulnerability":{"name":"CVE-2022-4055"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273748Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273748Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.273747Z","vulnerability":{"name":"CVE-2026-33811"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273797Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273797Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.273797Z","vulnerability":{"name":"CVE-2023-49528"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.273871Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.273871Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.27387Z","vulnerability":{"name":"CVE-2024-31582"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.274731Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.27473Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.27473Z","vulnerability":{"name":"CVE-2026-34980"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480679Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480678Z","vulnerability":{"name":"CVE-2026-32288"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480685Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480685Z","vulnerability":{"name":"CVE-2026-31789"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275222Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275222Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.275221Z","vulnerability":{"name":"CVE-2026-40227"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275395Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275395Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275395Z","vulnerability":{"name":"CVE-2025-59733"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275474Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275474Z","products":[{"@id":"pkg:deb/ubuntu/libavahi-client3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common3@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"},{"@id":"pkg:deb/ubuntu/libavahi-common-data@0.8-13ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=avahi"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275474Z","vulnerability":{"name":"CVE-2026-34933"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275536Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275536Z","products":[{"@id":"pkg:deb/ubuntu/libvpl2@2023.3.0-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=onevpl"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275536Z","vulnerability":{"name":"CVE-2023-48727"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275566Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275566Z","products":[{"@id":"pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275566Z","vulnerability":{"name":"CVE-2026-2219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275596Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275596Z","products":[{"@id":"pkg:deb/ubuntu/libicu74@74.2-1ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=icu"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275596Z","vulnerability":{"name":"CVE-2025-5222"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.275623Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.275623Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.275623Z","vulnerability":{"name":"CVE-2025-59732"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.27813Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.27813Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.278129Z","vulnerability":{"name":"CVE-2025-59734"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.278272Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.278272Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.278272Z","vulnerability":{"name":"CVE-2025-59728"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.278302Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.278302Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.278302Z","vulnerability":{"name":"CVE-2025-59731"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.278421Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.278421Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.278421Z","vulnerability":{"name":"CVE-2023-50007"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279285Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279285Z","products":[{"@id":"pkg:deb/ubuntu/libvpl2@2023.3.0-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=onevpl"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.279283Z","vulnerability":{"name":"CVE-2023-22656"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279541Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279541Z","products":[{"@id":"pkg:deb/ubuntu/libcairo2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"},{"@id":"pkg:deb/ubuntu/libcairo-gobject2@1.18.0-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cairo"}],"status":"affected","timestamp":"2026-05-14T11:37:19.279541Z","vulnerability":{"name":"CVE-2025-50422"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279595Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279595Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.279595Z","vulnerability":{"name":"CVE-2026-39826"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279643Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279643Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.279642Z","vulnerability":{"name":"CVE-2026-39817"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279684Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279684Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.279684Z","vulnerability":{"name":"CVE-2026-39314"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279734Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279734Z","products":[{"@id":"pkg:deb/ubuntu/libpng16-16t64@1.6.43-5ubuntu0.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libpng1.6"}],"status":"affected","timestamp":"2026-05-14T11:37:19.279734Z","vulnerability":{"name":"CVE-2026-34757"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279767Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279766Z","products":[{"@id":"pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.5"},{"@id":"pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libfdisk1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.279766Z","vulnerability":{"name":"CVE-2026-27456"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.279928Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.279928Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.279928Z","vulnerability":{"name":"CVE-2024-36617"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.282399Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.282398Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.282398Z","vulnerability":{"name":"CVE-2026-40223"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.282823Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.282823Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.282822Z","vulnerability":{"name":"CVE-2026-42501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.282866Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.282866Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.282865Z","vulnerability":{"name":"CVE-2026-39825"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.282913Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.282912Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.282912Z","vulnerability":{"name":"CVE-2026-39316"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.282942Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.282942Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.282942Z","vulnerability":{"name":"CVE-2026-40228"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.283119Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.283119Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.283119Z","vulnerability":{"name":"CVE-2026-39823"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.283443Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.283443Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T11:37:19.283442Z","vulnerability":{"name":"CVE-2026-41989"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.283502Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.283502Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.283502Z","vulnerability":{"name":"CVE-2026-41079"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.283542Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.283541Z","products":[{"@id":"pkg:deb/ubuntu/libopenjp2-7@2.5.0-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openjpeg2"}],"status":"affected","timestamp":"2026-05-14T11:37:19.283541Z","vulnerability":{"name":"CVE-2026-6192"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.283576Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.283576Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.283575Z","vulnerability":{"name":"CVE-2026-40224"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.285271Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.285271Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.28527Z","vulnerability":{"name":"CVE-2026-27447"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.285879Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.285879Z","products":[{"@id":"pkg:deb/ubuntu/libcups2t64@2.4.7-1.2ubuntu7.9?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cups"}],"status":"affected","timestamp":"2026-05-14T11:37:19.285878Z","vulnerability":{"name":"CVE-2026-34990"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286401Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.2864Z","products":[{"@id":"pkg:deb/ubuntu/libopenjp2-7@2.5.0-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openjpeg2"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.2864Z","vulnerability":{"name":"CVE-2023-39328"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.297232Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.297232Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.297231Z","vulnerability":{"name":"CVE-2026-42014"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.297457Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.297457Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.297457Z","vulnerability":{"name":"CVE-2026-42015"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.297848Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.297848Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.297847Z","vulnerability":{"name":"CVE-2026-5260"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286685Z","impact_statement":"The ffmpeg-related packages identified in the scan are transitive dependencies introduced through the browser components used by the Synthetics worker. They are not directly invoked by Datadog application code, but are installed as part of the underlying operating system and Chrome dependencies required for browser-based test execution.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.286685Z","products":[{"@id":"pkg:deb/ubuntu/libvo-amrwbenc0@0.1.3-2build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=vo-amrwbenc"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.286685Z","vulnerability":{"name":"CVE-2019-2128"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286745Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.286745Z","products":[{"@id":"pkg:deb/ubuntu/libvpl2@2023.3.0-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=onevpl"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.286745Z","vulnerability":{"name":"CVE-2023-47282"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286779Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.286779Z","products":[{"@id":"pkg:npm/%40tootallnate/once@2.0.0"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.286778Z","vulnerability":{"name":"CVE-2026-3449"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286817Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.286816Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.286816Z","vulnerability":{"name":"CVE-2026-40962"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.286896Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.286896Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.15?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.15?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T11:37:19.286896Z","vulnerability":{"name":"CVE-2026-40226"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.287055Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.287055Z","products":[{"@id":"pkg:deb/ubuntu/dirmngr@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gnupg@2.4.4-2ubuntu17.4?arch=all\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gnupg-utils@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpg@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpg-agent@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpgconf@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpgsm@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/keyboxd@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"}],"status":"affected","timestamp":"2026-05-14T11:37:19.287055Z","vulnerability":{"name":"CVE-2022-3219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.289518Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.289518Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.289518Z","vulnerability":{"name":"CVE-2025-66382"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.289757Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.289757Z","products":[{"@id":"pkg:golang/stdlib@1.25.9"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.289756Z","vulnerability":{"name":"CVE-2026-39819"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.289947Z","impact_statement":"The Firequalizer is an advanced IIR-based audio equalization filter residing in FFmpeg's libavfilter module. Firefox does not use FFmpeg's filter graph (libavfilter) at any point during media playback or audio processing. The libavfilter library is separate from the codec libraries used by the OS and is not invoked by the browser runtime. This filter can only be triggered by explicitly constructing an FFmpeg filter chain, an operation absent from this deployment's execution paths.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T11:37:19.289947Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"not_affected","timestamp":"2026-05-14T11:37:19.289947Z","vulnerability":{"name":"CVE-2025-10256"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.290346Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.290345Z","products":[{"@id":"pkg:deb/ubuntu/libncurses6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"affected","timestamp":"2026-05-14T11:37:19.290345Z","vulnerability":{"name":"CVE-2025-69720"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.292025Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.292025Z","products":[{"@id":"pkg:deb/ubuntu/libelf1t64@0.190-1.1ubuntu0.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=elfutils"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.292025Z","vulnerability":{"name":"CVE-2025-1376"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.292226Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.292226Z","products":[{"@id":"pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zlib"}],"status":"affected","timestamp":"2026-05-14T11:37:19.292226Z","vulnerability":{"name":"CVE-2026-27171"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.292448Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.292448Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.292448Z","vulnerability":{"name":"CVE-2026-32776"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.292685Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.292685Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.292685Z","vulnerability":{"name":"CVE-2026-32778"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.293Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.293Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"affected","timestamp":"2026-05-14T11:37:19.292999Z","vulnerability":{"name":"CVE-2026-32777"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.293349Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.293348Z","products":[{"@id":"pkg:deb/ubuntu/libexpat1@2.6.1-2ubuntu0.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=expat"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.293348Z","vulnerability":{"name":"CVE-2026-45186"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.293598Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.293598Z","products":[{"@id":"pkg:deb/ubuntu/libavcodec-extra60@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavcodec-extra@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libavutil58@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"},{"@id":"pkg:deb/ubuntu/libswresample4@7%3A6.1.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ffmpeg"}],"status":"affected","timestamp":"2026-05-14T11:37:19.293597Z","vulnerability":{"name":"CVE-2025-12343"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.294728Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.294727Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.294727Z","vulnerability":{"name":"CVE-2026-44289"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.295091Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.29509Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.29509Z","vulnerability":{"name":"CVE-2026-44290"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.295148Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.295147Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.295147Z","vulnerability":{"name":"CVE-2026-44291"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.295661Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.295661Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.295661Z","vulnerability":{"name":"CVE-2026-44293"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.296006Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.296006Z","products":[{"@id":"pkg:npm/%40protobufjs/utf8@1.1.0"},{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.296006Z","vulnerability":{"name":"CVE-2026-44288"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.296062Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.296062Z","products":[{"@id":"pkg:npm/follow-redirects@1.15.11"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.296061Z","vulnerability":{"name":"GHSA-r4q5-vmmm-2653"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.296378Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.296378Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.296378Z","vulnerability":{"name":"CVE-2026-42009"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.296729Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.296729Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.296729Z","vulnerability":{"name":"CVE-2026-42012"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.296925Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.296924Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.296924Z","vulnerability":{"name":"CVE-2026-42013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.297933Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.297933Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"affected","timestamp":"2026-05-14T11:37:19.297933Z","vulnerability":{"name":"CVE-2026-5419"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.29829Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.29829Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.29829Z","vulnerability":{"name":"CVE-2026-44292"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.298326Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.298326Z","products":[{"@id":"pkg:npm/protobufjs@7.5.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.298326Z","vulnerability":{"name":"CVE-2026-44294"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:37:19.298356Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.298356Z","products":[{"@id":"pkg:npm/%40smithy/config-resolver@1.0.1"}],"status":"under_investigation","timestamp":"2026-05-14T11:37:19.298356Z","vulnerability":{"name":"GHSA-6475-r3vj-m8vf"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.48017Z","products":[{"@id":"pkg:npm/basic-ftp@5.2.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.48017Z","vulnerability":{"name":"CVE-2026-39983"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480235Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480235Z","vulnerability":{"name":"CVE-2026-27190"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480246Z","products":[{"@id":"pkg:deb/ubuntu/libgdk-pixbuf-2.0-0@2.42.10%2Bdfsg-3ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gdk-pixbuf"},{"@id":"pkg:deb/ubuntu/libgdk-pixbuf2.0-common@2.42.10%2Bdfsg-3ubuntu3.2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=gdk-pixbuf"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480245Z","vulnerability":{"name":"CVE-2026-5201"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480255Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480255Z","vulnerability":{"name":"CVE-2025-48934"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480261Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480261Z","vulnerability":{"name":"CVE-2025-21620"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480266Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480266Z","vulnerability":{"name":"CVE-2025-48888"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480313Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480313Z","vulnerability":{"name":"CVE-2025-24015"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480351Z","products":[{"@id":"pkg:npm/jsonpath@1.2.1"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480351Z","vulnerability":{"name":"CVE-2026-1615"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480366Z","products":[{"@id":"pkg:npm/%40xmldom/xmldom@0.8.10"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480366Z","vulnerability":{"name":"CVE-2026-41673"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480376Z","products":[{"@id":"pkg:npm/%40xmldom/xmldom@0.8.10"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480376Z","vulnerability":{"name":"CVE-2026-41672"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.48038Z","products":[{"@id":"pkg:npm/node-forge@1.3.2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.48038Z","vulnerability":{"name":"CVE-2026-33891"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480388Z","products":[{"@id":"pkg:npm/protobufjs@7.4.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480388Z","vulnerability":{"name":"CVE-2026-41242"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480393Z","products":[{"@id":"pkg:npm/%40xmldom/xmldom@0.8.10"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480393Z","vulnerability":{"name":"CVE-2026-41674"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.4804Z","products":[{"@id":"pkg:npm/%40xmldom/xmldom@0.8.10"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.4804Z","vulnerability":{"name":"CVE-2026-41675"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480408Z","products":[{"@id":"pkg:npm/%40xmldom/xmldom@0.8.10"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480408Z","vulnerability":{"name":"CVE-2026-34601"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480415Z","products":[{"@id":"pkg:npm/basic-ftp@5.2.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480415Z","vulnerability":{"name":"CVE-2026-41324"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480419Z","products":[{"@id":"pkg:npm/path-to-regexp@0.1.12"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480419Z","vulnerability":{"name":"CVE-2026-4867"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480427Z","products":[{"@id":"pkg:npm/node-forge@1.3.2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480427Z","vulnerability":{"name":"CVE-2026-33894"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480432Z","products":[{"@id":"pkg:npm/node-forge@1.3.2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480432Z","vulnerability":{"name":"CVE-2026-33895"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480437Z","products":[{"@id":"pkg:npm/lodash@4.17.23"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480437Z","vulnerability":{"name":"CVE-2026-4800"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480444Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480443Z","vulnerability":{"name":"CVE-2026-22864"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480453Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480453Z","vulnerability":{"name":"CVE-2026-28389"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480458Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480458Z","vulnerability":{"name":"CVE-2026-28390"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480465Z","products":[{"@id":"pkg:npm/node-forge@1.3.2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480465Z","vulnerability":{"name":"CVE-2026-33896"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.48047Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.48047Z","vulnerability":{"name":"CVE-2026-21710"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480481Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480481Z","vulnerability":{"name":"CVE-2026-5545"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480491Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480491Z","vulnerability":{"name":"CVE-2026-21717"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480495Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480494Z","vulnerability":{"name":"CVE-2026-27143"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480501Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480501Z","vulnerability":{"name":"CVE-2026-31790"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480505Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480505Z","vulnerability":{"name":"CVE-2026-7168"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480516Z","products":[{"@id":"pkg:deb/ubuntu/liblcms2-2@2.14-2build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=lcms2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480516Z","vulnerability":{"name":"CVE-2026-41254"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480521Z","products":[{"@id":"pkg:npm/lodash@4.17.23"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480521Z","vulnerability":{"name":"CVE-2026-2950"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480525Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480525Z","vulnerability":{"name":"CVE-2026-32281"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.48053Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.48053Z","vulnerability":{"name":"CVE-2026-32280"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480534Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480534Z","vulnerability":{"name":"CVE-2026-32283"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480539Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480539Z","vulnerability":{"name":"CVE-2026-28387"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480545Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480545Z","vulnerability":{"name":"CVE-2026-27140"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480549Z","products":[{"@id":"pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480549Z","vulnerability":{"name":"CVE-2026-27135"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480558Z","products":[{"@id":"pkg:deb/ubuntu/libtiff6@4.5.1%2Bgit230720-4ubuntu2.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=tiff"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480558Z","vulnerability":{"name":"CVE-2025-61144"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480563Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480562Z","vulnerability":{"name":"CVE-2026-28388"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480566Z","products":[{"@id":"pkg:deb/ubuntu/libpam-systemd@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd-shared@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.12?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/systemd-sysv@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480566Z","vulnerability":{"name":"CVE-2026-29111"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480579Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480579Z","vulnerability":{"name":"CVE-2026-21714"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480588Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480588Z","vulnerability":{"name":"CVE-2026-6429"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480595Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480595Z","vulnerability":{"name":"CVE-2026-6253"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480603Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480603Z","vulnerability":{"name":"CVE-2026-22863"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480611Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480611Z","vulnerability":{"name":"CVE-2025-61786"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480615Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480615Z","vulnerability":{"name":"CVE-2026-21713"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480621Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480621Z","vulnerability":{"name":"CVE-2026-32289"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480626Z","products":[{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480626Z","vulnerability":{"name":"CVE-2026-5773"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.48063Z","products":[{"@id":"pkg:generic/deno@2.0.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.48063Z","vulnerability":{"name":"CVE-2025-61785"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480635Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480635Z","vulnerability":{"name":"CVE-2026-32282"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480641Z","products":[{"@id":"pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcap2-bin@1%3A2.66-5ubuntu2.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libcap2"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480641Z","vulnerability":{"name":"CVE-2026-4878"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480689Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480689Z","vulnerability":{"name":"CVE-2026-21715"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480693Z","products":[{"@id":"pkg:generic/node@22.22.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480693Z","vulnerability":{"name":"CVE-2026-21716"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:37:19.480709Z","products":[{"@id":"pkg:npm/basic-ftp@5.2.0"}],"status":"fixed","timestamp":"2026-05-14T11:37:19.480709Z","vulnerability":{"name":"GHSA-6v7q-wjvx-w8wg"}}],"timestamp":"2026-05-07T11:37:14.061592505Z","tooling":"","version":3}