[Git][security-tracker-team/security-tracker][master] node-flatted spu

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
267e2d07 by Moritz Mühlenhoff at 2026-03-23T20:16:01+01:00
node-flatted spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -498,6 +498,8 @@ CVE-2026-33230 (NLTK (Natural Language Toolkit) is a suite of open source Python
 	NOTE: https://github.com/nltk/nltk/commit/1c3f799607eeb088cab2491dcf806ae83c29ad8f
 CVE-2026-33228 (flatted is a circular JSON parser. Prior to version 3.4.2, the parse() ...)
 	- node-flatted 3.4.2~ds-1 (bug #1131462)
+	[trixie] - node-flatted <no-dsa> (Minor issue)
+	[bookworm] - node-flatted <no-dsa> (Minor issue)
 	NOTE: https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh
 	NOTE: Fixed by: https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802 (v3.4.2)
 CVE-2026-33226 (Budibase is a low code platform for creating internal tools, workflows ...)


=====================================
data/next-point-update.txt
=====================================
@@ -122,3 +122,5 @@ CVE-2021-37746
 	[trixie] - sylpheed 3.8.0~beta1-2+deb13u1
 CVE-2025-71264
 	[trixie] - mumble 1.5.735-5+deb13u1
+CVE-2026-33228
+	[trixie] - node-flatted 3.2.7~ds-1+deb13u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/267e2d0781e1185bacb20aa11ee3d681f35e3d2d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/267e2d0781e1185bacb20aa11ee3d681f35e3d2d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260323/5690594a/attachment.htm>