[Git][security-tracker-team/security-tracker][master] Add CVE-2026-41205/mako
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 23 21:12:54 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d3808d07 by Salvatore Bonaccorso at 2026-04-23T22:12:34+02:00
Add CVE-2026-41205/mako
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -48,7 +48,8 @@ CVE-2026-41238 (DOMPurify is a DOM-only cross-site scripting sanitizer for HTML,
CVE-2026-41213 (@node-oauth/oauth2-server is a module for implementing an OAuth2 serve ...)
NOT-FOR-US: node-oauth2-server
CVE-2026-41205 (Mako is a template library written in Python. Prior to 1.3.11, Templat ...)
- TODO: check
+ - mako <unfixed>
+ NOTE: https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm
CVE-2026-41173 (The AWS X-Ray Remote Sampler package provides a sampler which can get ...)
NOT-FOR-US: AWS X-Ray Remote Sampler package
CVE-2026-41078 (OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3808d0773a49e9dc22ada1d3c0dd3cc38e11d91
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3808d0773a49e9dc22ada1d3c0dd3cc38e11d91
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/6de03336/attachment.htm>
More information about the debian-security-tracker-commits
mailing list