[Git][security-tracker-team/security-tracker][master] Add CVE-2026-7790/erlang-cowlib

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f2471394 by Salvatore Bonaccorso at 2026-05-12T12:32:34+02:00
Add CVE-2026-7790/erlang-cowlib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -409,7 +409,11 @@ CVE-2026-7814 (Stored cross-site scripting (XSS) vulnerability in pgAdmin 4 Brow
 CVE-2026-7813 (Authorization vulnerability in pgAdmin 4 server mode affecting Server  ...)
 	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7790 (Uncontrolled Resource Consumption vulnerability in ninenines cowlib (c ...)
-	TODO: check
+	- erlang-cowlib <unfixed>
+	NOTE: https://cna.erlef.org/cves/CVE-2026-7790.html
+	NOTE: https://osv.dev/vulnerability/EEF-CVE-2026-7790
+	NOTE: https://github.com/ninenines/cowlib/commit/a4b8039ce8c93ab00867ef6b7e888822c09f4369
+	TODO: check if embedded copy in rabbitmq-server is problematic
 CVE-2026-7308 (An authenticated user with upload permission to a hosted repository ca ...)
 	NOT-FOR-US: Sonatype
 CVE-2026-7210 (`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2471394910a9f09a7247037c2fe7ec32c89fd49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2471394910a9f09a7247037c2fe7ec32c89fd49
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260512/f37b6b0d/attachment.htm>