[Git][security-tracker-team/security-tracker][master] Add CVE-2026-44928/uriparser

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
93b4bae9 by Salvatore Bonaccorso at 2026-05-08T21:27:33+02:00
Add CVE-2026-44928/uriparser

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,10 @@ CVE-2026-5341 (The NMR Strava activities plugin for WordPress is vulnerable to S
 CVE-2026-5127 (The User Frontend: AI Powered Frontend Posting, User Directory, Profil ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-44928 (In uriparser before 1.0.2, the function family EqualsUri can misclassi ...)
-	TODO: check
+	- uriparser <unfixed>
+	NOTE: https://github.com/uriparser/uriparser/pull/305
+	NOTE: Fixed by: https://github.com/uriparser/uriparser/commit/723717c713a01c08efed6b3ded9583d7819e3386
+	NOTE: Test: https://github.com/uriparser/uriparser/commit/bd7f2e6c0c17dd78853f85107535391b4635a86d
 CVE-2026-44927 (In uriparser before 1.0.2, there is pointer difference truncation to i ...)
 	TODO: check
 CVE-2026-44500 (ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad versio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b4bae9042e729a63282630d8cf6f2ef01dae14

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b4bae9042e729a63282630d8cf6f2ef01dae14
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260508/045320cf/attachment-0001.htm>