[Git][security-tracker-team/security-tracker][master] Add CVE-2026-45186/expat
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 10 09:27:32 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dfddb0ff by Salvatore Bonaccorso at 2026-05-10T10:27:05+02:00
Add CVE-2026-45186/expat
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,7 +57,8 @@ CVE-2026-8195 (A vulnerability was detected in JeecgBoot up to 3.9.1. The affect
CVE-2026-8194 (A security vulnerability has been detected in osTicket up to 1.18.3. I ...)
NOT-FOR-US: osTicket
CVE-2026-45186 (In libexpat before 2.8.1, the computational complexity of attribute na ...)
- TODO: check
+ - expat <unfixed>
+ NOTE: https://github.com/libexpat/libexpat/pull/1216
CVE-2026-45184 (Kdenlive before 26.04.1 allows dangerous proxy parameters when an atta ...)
TODO: check
CVE-2026-45182 (GrapheneOS before 2026050400 allows attackers to discover the real IP ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfddb0ff11d92489aaf471e48ec3c566ceb0d963
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfddb0ff11d92489aaf471e48ec3c566ceb0d963
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260510/da1110eb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list