Advisory GHSA-2ccx-cjjh-r2j8 references a vulnerability in the following Go modules:
Description:
Summary
Release 1.17.1 seems affected by CVE-2026-27143. golang 1.25.9 Seems to solve the issue. Is there any new release planned?
Details
See https://nvd.nist.gov/vuln/detail/CVE-2026-27143.
References:
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/bluenviron/mediamtx
versions:
- introduced: 1.15.0
- fixed: 1.18.0
vulnerable_at: 1.17.1
summary: MediaMTX affected by CVE-2026-27143 due to vulnerable dependency in github.com/bluenviron/mediamtx
ghsas:
- GHSA-2ccx-cjjh-r2j8
references:
- advisory: https://github.com/advisories/GHSA-2ccx-cjjh-r2j8
- advisory: https://github.com/bluenviron/mediamtx/security/advisories/GHSA-2ccx-cjjh-r2j8
- web: https://github.com/bluenviron/mediamtx/releases/tag/v1.18.0
- web: https://nvd.nist.gov/vuln/detail/CVE-2026-27143
source:
id: GHSA-2ccx-cjjh-r2j8
created: 2026-05-06T23:01:12.013159085Z
review_status: UNREVIEWED
Advisory GHSA-2ccx-cjjh-r2j8 references a vulnerability in the following Go modules:
Description:
Summary
Release 1.17.1 seems affected by CVE-2026-27143. golang 1.25.9 Seems to solve the issue. Is there any new release planned?
Details
See https://nvd.nist.gov/vuln/detail/CVE-2026-27143.
References:
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.