{"affected":[{"ecosystem_specific":{"binaries":[{"tracker-miner-files":"3.6.2-150600.4.6.1","tracker-miners":"3.6.2-150600.4.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Desktop Applications 15 SP7","name":"tracker-miners","purl":"pkg:rpm/suse/tracker-miners&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.2-150600.4.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"tracker-miners-lang":"3.6.2-150600.4.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP7","name":"tracker-miners","purl":"pkg:rpm/suse/tracker-miners&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.2-150600.4.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"tracker-miner-files":"3.6.2-150600.4.6.1","tracker-miners":"3.6.2-150600.4.6.1","tracker-miners-lang":"3.6.2-150600.4.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"tracker-miners","purl":"pkg:rpm/opensuse/tracker-miners&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.2-150600.4.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for tracker-miners fixes the following issues:\n\n- CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files\n  (bsc#1257606).\n- CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files (bsc#1257607).\n- CVE-2026-1766: denial of Service and information disclosure via malformed MP3 files (bsc#1257608).\n- CVE-2026-1767: heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3\n  tags (bsc#1257609).\n","id":"SUSE-SU-2026:0780-1","modified":"2026-03-03T13:25:57Z","published":"2026-03-03T13:25:57Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260780-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1257606"},{"type":"REPORT","url":"https://bugzilla.suse.com/1257607"},{"type":"REPORT","url":"https://bugzilla.suse.com/1257608"},{"type":"REPORT","url":"https://bugzilla.suse.com/1257609"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-1764"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-1765"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-1766"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-1767"}],"related":["CVE-2026-1764","CVE-2026-1765","CVE-2026-1766","CVE-2026-1767"],"summary":"Security update for tracker-miners","upstream":["CVE-2026-1764","CVE-2026-1765","CVE-2026-1766","CVE-2026-1767"]}