[Git][security-tracker-team/security-tracker][master] add lxd references, thanks to Mathias Gibbens
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Jun 27 21:51:38 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5429b6ed by Moritz Muehlenhoff at 2026-06-27T22:50:24+02:00
add lxd references, thanks to Mathias Gibbens
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -908,7 +908,9 @@ CVE-2026-13372 (Incorrect link resolution by display name in the custom PowerShe
CVE-2026-13325 (A flaw was found in KubeVirt's migration proxy. When spec.configuratio ...)
NOT-FOR-US: KubeVirt
CVE-2026-12411 (Broken Access Control in the devLXDInstancePatchHandler component of C ...)
- TODO: check
+ - lxd <not-affected> (Only affects LXD 6.6 and later)
+ NOTE: https://github.com/canonical/lxd/security/advisories/GHSA-hhf9-qw4v-72xp
+ NOTE: https://github.com/canonical/lxd/pull/18585
CVE-2026-11779 (An Improper Authorization vulnerability exists in PayloadCMS version 3 ...)
NOT-FOR-US: PayloadCMS
CVE-2026-0828 (Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x ...)
@@ -1192,40 +1194,56 @@ CVE-2020-37256 (Grav before 1.6.30 contains a cross-site scripting vulnerability
CVE-2026-48750
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-73hr-m85f-64v9
+ NOTE: https://github.com/canonical/lxd/pull/18590
CVE-2026-48751
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-48q5-w887-33wv
+ NOTE: https://github.com/canonical/lxd/pull/18604
CVE-2026-48752
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-vxp5-584q-c479
NOTE: https://github.com/lxc/incus/commit/cbefa31ae0da8fd96361178aed3a3c631e098fef (v7.2.0)
+ NOTE: https://github.com/canonical/lxd/pull/18590
CVE-2026-48755
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-v6mj-8pf4-hhw4
NOTE: https://github.com/lxc/incus/commit/873a032a461df6b09b7586435b592873863a4e88 (v7.2.0)
+ NOTE: https://github.com/canonical/lxd/pull/18597
CVE-2026-48769
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-f6m5-xw2g-xc4x
NOTE: https://github.com/lxc/incus/commit/46d6ef232186df5535c49ca9f3597cab381f9b86 (v7.2.0)
+ NOTE: https://github.com/canonical/lxd/pull/18594
CVE-2026-55621
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-64f3-v33m-w89f
NOTE: https://github.com/lxc/incus/commit/2e01078366e2653712719dec82318e51c6d21b28 (v7.2.0)
+ NOTE: https://github.com/canonical/lxd/pull/18603
CVE-2026-55622
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-c9f5-j9c3-mhrg
NOTE: https://github.com/lxc/incus/commit/1e3ffc53a10950e55de62ac1e0d612be597b84eb (v7.2.0)
+ NOTE: https://github.com/canonical/lxd/pull/18603
CVE-2026-48749
{DSA-6370-1}
- incus 7.0.0-5
+ - lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-2q3f-q5pq-g8wv
+ NOTE: https://github.com/canonical/lxd/pull/18590
CVE-2026-XXXX [ZSA-2026-12]
- znuny 6.5.22-1
[trixie] - znuny <no-dsa> (Non-free not supported)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5429b6ed80c40b3f68134470705260042a0cefbf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5429b6ed80c40b3f68134470705260042a0cefbf
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260627/910972ca/attachment.htm>
More information about the debian-security-tracker-commits
mailing list