[Git][security-tracker-team/security-tracker][master] Add two new gradle issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c12dc7ff by Salvatore Bonaccorso at 2026-01-17T09:37:04+01:00
Add two new gradle issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16,9 +16,12 @@ CVE-2026-23643 (CakePHP is a rapid development framework for PHP. The PaginatorH
 	NOTE: https://github.com/cakephp/cakephp/issues/19172
 	NOTE: Fixed by: https://github.com/cakephp/cakephp/commit/c842e7f45d85696e6527d8991dd72f525ced955f (5.3.1)
 CVE-2026-22865 (Gradle is a build automation tool, and its native-platform tool provid ...)
-	TODO: check
+	- gradle <unfixed>
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-mqwm-5m85-gmcv
 CVE-2026-22816 (Gradle is a build automation tool, and its native-platform tool provid ...)
-	TODO: check
+	- gradle <unfixed>
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-w78c-w6vf-rw82
+	NOTE: Fixed by: https://github.com/gradle/gradle/commit/e5707d0d8fce3d768c9c489004700d78eab1773a (v9.3.0-RC2)
 CVE-2026-21223 (Microsoft Edge Elevation Service exposes a privileged COM interface th ...)
 	NOT-FOR-US: Microsoft
 CVE-2026-20960 (Improper authorization in Microsoft Power Apps allows an authorized at ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c12dc7ffb85fa178c418faac834848906a301ae0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c12dc7ffb85fa178c418faac834848906a301ae0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260117/eb0521cd/attachment-0001.htm>