[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29063/node-immutable

Fri Mar 6 20:58:13 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e04a4267 by Salvatore Bonaccorso at 2026-03-06T21:57:47+01:00
Add CVE-2026-29063/node-immutable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,7 +43,9 @@ CVE-2026-29075 (Mesa is an open-source Python library for agent-based modeling,
 CVE-2026-29064 (Zarf is an Airgap Native Packager Manager for Kubernetes. From version ...)
 	NOT-FOR-US: Zarf
 CVE-2026-29063 (Immutable.js provides many Persistent Immutable data structures. Prior ...)
-	TODO: check
+	- node-immutable <unfixed>
+	NOTE: Fixed by: https://github.com/immutable-js/immutable-js/commit/faeb58b0cc71ed351dc51f672a95ae21bc859ef5 (v4.3.8)
+	NOTE: Fixed by: https://github.com/immutable-js/immutable-js/commit/94bcd3c79972db4afffd8d1e5aab415880098b05 (v4.3.8)
 CVE-2026-28514 (Rocket.Chat is an open-source, secure, fully customizable communicatio ...)
 	TODO: check
 CVE-2026-28106 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in K ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04a4267f9dca099f1de86051c47d4f8d583bd62

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04a4267f9dca099f1de86051c47d4f8d583bd62
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260306/80a021e5/attachment.htm>
