[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27135/nghttp2
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 18 21:38:22 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a6334f10 by Salvatore Bonaccorso at 2026-03-18T22:37:51+01:00
Add CVE-2026-27135/nghttp2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -99,7 +99,9 @@ CVE-2026-29858 (A lack of path validation in aaPanel v7.57.0 allows attackers to
CVE-2026-29856 (An issue in the VirtualHost configuration handling/parser component of ...)
NOT-FOR-US: aaPanel
CVE-2026-27135 (nghttp2 is an implementation of the Hypertext Transfer Protocol versio ...)
- TODO: check
+ - nghttp2 <unfixed>
+ NOTE: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6
+ NOTE: Fixed by: https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 (v1.68.1)
CVE-2026-26948 (Dell Integrated Dell Remote Access Controller 9, 14G versions prior to ...)
NOT-FOR-US: Dell / EMC
CVE-2026-26945 (Dell Integrated Dell Remote Access Controller 9, 14G versions prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6334f100000ebc184a3d82d8eab4a3db55ddfd6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6334f100000ebc184a3d82d8eab4a3db55ddfd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260318/59270cfb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list