[Git][security-tracker-team/security-tracker][master] Add CVE-2026-35166/hugo
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 6 21:06:36 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abacc8d3 by Salvatore Bonaccorso at 2026-04-06T22:06:11+02:00
Add CVE-2026-35166/hugo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -102,7 +102,8 @@ CVE-2026-35171 (Kedro is a toolbox for production-ready data science. Prior to 1
CVE-2026-35167 (Kedro is a toolbox for production-ready data science. Prior to 1.3.0, ...)
TODO: check
CVE-2026-35166 (Hugo is a static site generator. From 0.60.0 to before 0.159.2, links ...)
- TODO: check
+ - hugo 0.159.2-1
+ NOTE: https://github.com/gohugoio/hugo/security/advisories/GHSA-mcv8-8m8x-48pg
CVE-2026-35164 (Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file ...)
TODO: check
CVE-2026-35052 (D-Tale is the combination of a Flask back-end and a React front-end to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abacc8d3cee84640b2ceb3c03a07bb63195179d7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abacc8d3cee84640b2ceb3c03a07bb63195179d7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260406/8a45079f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list