[Git][security-tracker-team/security-tracker][master] Reference fixes for node-path-to-regexp issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
abccf642 by Salvatore Bonaccorso at 2026-03-27T22:34:43+01:00
Reference fixes for node-path-to-regexp issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -73,9 +73,11 @@ CVE-2026-33945
 CVE-2026-4926 (Impact:  A bad regular expression is generated any time you have multi ...)
 	- node-path-to-regexp 8.4.0-1 (bug #1132020)
 	NOTE: https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f
+	NOTE: Fixed by: https://github.com/pillarjs/path-to-regexp/commit/22a967901afc8b2b42eefe456faa7b6773dcc415 (v8.4.0)
 CVE-2026-4923 (Impact:  When using multiple wildcards, combined with at least one par ...)
 	- node-path-to-regexp 8.4.0-1 (bug #1132020)
 	NOTE: https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-27v5-c462-wpq7
+	NOTE: Fixed by: https://github.com/pillarjs/path-to-regexp/commit/48646547da685c1ccb76a95fe23373975a91e200 (v8.4.0)
 CVE-2026-4897 (A flaw was found in polkit. A local user can exploit this by providing ...)
 	- policykit-1 <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2451739



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abccf642838d87ddb51a1fd91e360b5b9ec98759

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abccf642838d87ddb51a1fd91e360b5b9ec98759
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260327/3d8798ff/attachment.htm>