[Git][security-tracker-team/security-tracker][master] Add two new python-urllib3 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 14 10:39:06 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16c63589 by Salvatore Bonaccorso at 2026-05-14T11:38:46+02:00
Add two new python-urllib3 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -192,9 +192,13 @@ CVE-2026-44439 (PlaywrightCapture is a simple replacement for splash using playw
 CVE-2026-44437 (The Angular SSR is a server-rise rendering tool for Angular applicatio ...)
 	TODO: check
 CVE-2026-44432 (urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7 ...)
-	TODO: check
+	- python-urllib3 <unfixed>
+	[trixie] - python-urllib3 <not-affected> (Vulnerable code introduced later)
+	[bookworm] - python-urllib3 <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j
 CVE-2026-44431 (urllib3 is an HTTP client library for Python. From 1.23 to before 2.7. ...)
-	TODO: check
+	- python-urllib3 <unfixed>
+	NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc
 CVE-2026-44426 (ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/names ...)
 	NOT-FOR-US: ShellHub
 CVE-2026-44425 (ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device lis ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16c6358930264133ebc1012109e65b0e8fa8aab6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16c6358930264133ebc1012109e65b0e8fa8aab6
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260514/fbbabe8c/attachment.htm>

More information about the debian-security-tracker-commits mailing list