[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24765/phpunit
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 28 09:39:37 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ea95f38 by Salvatore Bonaccorso at 2026-01-28T10:37:41+01:00
Add CVE-2026-24765/phpunit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,9 @@ CVE-2026-24778 (Ghost is an open source content management system. In Ghost vers
CVE-2026-24770 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. ...)
NOT-FOR-US: RAGFlow
CVE-2026-24765 (PHPUnit is a testing framework for PHP. A vulnerability has been disco ...)
- TODO: check
+ - phpunit 12.5.8-1
+ NOTE: https://github.com/sebastianbergmann/phpunit/security/advisories/GHSA-vvj3-c3rp-c85p
+ NOTE: Fixed by: https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda (12.5.8, 11.5.50, 10.5.62, 9.6.33, 8.5.52)
CVE-2026-24748 (Kargo manages and automates the promotion of software artifacts. Prior ...)
NOT-FOR-US: Argo CD
CVE-2026-24747 (PyTorch is a Python package that provides tensor computation. Prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ea95f387a84d043452fbff4d86d85c679964fbc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ea95f387a84d043452fbff4d86d85c679964fbc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260128/abfcb5a7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list