[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27809/psd-tools

Thu Feb 26 20:38:11 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cd699d12 by Salvatore Bonaccorso at 2026-02-26T21:37:45+01:00
Add CVE-2026-27809/psd-tools

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -232,7 +232,9 @@ CVE-2026-27818 (TerriaJS-Server is a NodeJS Express server for TerriaJS, a libra
 CVE-2026-27812 (Sub2API is an AI API gateway platform designed to distribute and manag ...)
 	NOT-FOR-US: Sub2API
 CVE-2026-27809 (psd-tools is a Python package for working with Adobe Photoshop PSD fil ...)
-	TODO: check
+	- psd-tools <unfixed>
+	NOTE: https://github.com/psd-tools/psd-tools/security/advisories/GHSA-24p2-j2jr-386w
+	NOTE: Fixed by: https://github.com/psd-tools/psd-tools/commit/6c0a78f195b5942757886a1863793fd5946c1fb1 (v1.12.2)
 CVE-2026-27808 (Mailpit is an email testing tool and API for developers. Prior to vers ...)
 	NOT-FOR-US: Mailpit
 CVE-2026-27804 (Parse Server is an open source backend that can be deployed to any inf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd699d1220a6c1fda053e3cc72adee7678791617

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd699d1220a6c1fda053e3cc72adee7678791617
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260226/f5aac983/attachment.htm>
