[Git][security-tracker-team/security-tracker][master] 2 commits: Add two new issues in wekan, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 23 08:39:34 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
004334f9 by Salvatore Bonaccorso at 2026-04-23T09:38:41+02:00
Add two new issues in wekan, itp'ed

- - - - -
d2466fe5 by Salvatore Bonaccorso at 2026-04-23T09:39:15+02:00
Add one new issue in node-vite

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,9 +27,9 @@ CVE-2026-41988 (uuid before 14.0.0 can make unexpected writes when external outp
 CVE-2026-41679 (Paperclip is a Node.js server and React UI that orchestrates a team of ...)
 	NOT-FOR-US: Paperclip Node.js module
 CVE-2026-41455 (WeKan before8.35 contains a server-side request forgery vulnerability  ...)
-	TODO: check
+	- wekan <itp> (bug #819238)
 CVE-2026-41454 (WeKan before8.35 contains a missing authorization vulnerability in the ...)
-	TODO: check
+	- wekan <itp> (bug #819238)
 CVE-2026-41314 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
 	TODO: check
 CVE-2026-41313 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
@@ -51,7 +51,7 @@ CVE-2026-41229 (Froxlor is open source server administration software. Prior to
 CVE-2026-41228 (Froxlor is open source server administration software. Prior to versio ...)
 	TODO: check
 CVE-2026-41211 (Vite+ is a unified toolchain and entry point for web development. Prio ...)
-	TODO: check
+	- node-vite <itp> (bug #1053782)
 CVE-2026-41208 (Paperclip is a Node.js server and React UI that orchestrates a team of ...)
 	NOT-FOR-US: Paperclip Node.js module
 CVE-2026-41206 (PySpector is a static analysis security testing (SAST) Framework engin ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/218467b538f0b9a6250589a63dcf88b07718c385...d2466fe54febf01cabfb0da8dea2358980d9c6d1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/218467b538f0b9a6250589a63dcf88b07718c385...d2466fe54febf01cabfb0da8dea2358980d9c6d1
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/8c9c4f2d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list