Multiple issues were found in GPAC multimedia framework, whcih could result in denial of service or potentially the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in
An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet might lead to remote arbitrary code execution.
It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.