[Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 23 21:11:33 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ef481ca by Salvatore Bonaccorso at 2026-04-23T22:10:57+02:00
Process two NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46,11 +46,11 @@ CVE-2026-41238 (DOMPurify is a DOM-only cross-site scripting sanitizer for HTML,
- node-dompurify <unfixed>
NOTE: https://github.com/cure53/DOMPurify/security/advisories/GHSA-v9jr-rg53-9pgp
CVE-2026-41213 (@node-oauth/oauth2-server is a module for implementing an OAuth2 serve ...)
- TODO: check
+ NOT-FOR-US: node-oauth2-server
CVE-2026-41205 (Mako is a template library written in Python. Prior to 1.3.11, Templat ...)
TODO: check
CVE-2026-41173 (The AWS X-Ray Remote Sampler package provides a sampler which can get ...)
- TODO: check
+ NOT-FOR-US: AWS X-Ray Remote Sampler package
CVE-2026-41078 (OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 an ...)
NOT-FOR-US: OpenTelemetry dotnet
CVE-2026-40894 (OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef481ca4db7e2affc8d4c800978c879d7a1c5f6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef481ca4db7e2affc8d4c800978c879d7a1c5f6
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/9f3e3e18/attachment.htm>
More information about the debian-security-tracker-commits
mailing list