[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33634/trivy, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 24 20:09:55 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3e9fc416 by Salvatore Bonaccorso at 2026-03-24T21:08:25+01:00
Add CVE-2026-33634/trivy, itp'ed
Technically this is rather later on a not-affected because it was about
compromised credentials to publish a malicious Trivy releases.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -342,7 +342,7 @@ CVE-2026-33848 (Improper Restriction of Operations within the Bounds of a Memory
CVE-2026-33847 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
NOT-FOR-US: linkingvision rapidvms
CVE-2026-33634 (Trivy is a security scanner. On March 19, 2026, a threat actor used co ...)
- TODO: check
+ - trivy <itp> (bug #929458)
CVE-2026-33320 (Dasel is a command-line tool and library for querying, modifying, and ...)
TODO: check
CVE-2026-33308 (Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e9fc4168cf95480c96461f4217fee4b3fc12751
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e9fc4168cf95480c96461f4217fee4b3fc12751
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260324/53b62a1e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list