[Git][security-tracker-team/security-tracker][master] Add new caddy issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 24 20:33:36 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7acce63a by Salvatore Bonaccorso at 2026-02-24T21:33:14+01:00
Add new caddy issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,17 +17,24 @@ CVE-2026-2459 (A vulnerability exists in REB500 for an authenticated user with I
CVE-2026-27732 (WWBN AVideo is an open source video platform. Prior to version 22.0, t ...)
NOT-FOR-US: WWBN AVideo
CVE-2026-27590 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-5r3v-vc8m-m96g
CVE-2026-27589 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-879p-475x-rqh2
CVE-2026-27588 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-x76f-jf84-rqj8
CVE-2026-27587 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-g7pc-pc7g-h8jh
CVE-2026-27586 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-hffm-g8v7-wrv7
+ TODO: check, introducing version
CVE-2026-27585 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
- TODO: check
+ - caddy <unfixed>
+ NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-4xrr-hq4w-6vf4
CVE-2026-27584 (Actual is a local-first personal finance tool. Prior to version 26.2.1 ...)
NOT-FOR-US: Actual
CVE-2026-27571 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7acce63ab1f526dda29671a862a5403e5ac6b27d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7acce63ab1f526dda29671a862a5403e5ac6b27d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260224/64155f76/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list