[Git][security-tracker-team/security-tracker][master] new node-js-cookie issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e71f54b by Moritz Muehlenhoff at 2026-06-12T16:36:05+02:00
new node-js-cookie issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -481,7 +481,9 @@ CVE-2026-46645 (SQLAdmin is a flexible Admin interface for SQLAlchemy models. Pr
 CVE-2026-46643 (Snappy is a PHP library allowing thumbnail, snapshot or PDF generation ...)
 	NOT-FOR-US: Snappy PHP (different from src:snappy)
 CVE-2026-46625 (JavaScript Cookie is a JavaScript API for handling cookies, client-sid ...)
-	TODO: check
+	- node-js-cookie <unfixed>
+	NOTE: https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j
+	NOTE: https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020 (v3.0.8)
 CVE-2026-46519 (mcp-server-kubernetes is a Model Context Protocol server for Kubernete ...)
 	NOT-FOR-US: mcp-server-kubernetes
 CVE-2026-45783 (libp2p is a JavaScript Implementation of libp2p networking stack. Prio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e71f54ba43b74fc971c1b697e0fb1a58d3bdf08

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e71f54ba43b74fc971c1b697e0fb1a58d3bdf08
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260612/16b31c9e/attachment-0001.htm>