[Git][security-tracker-team/security-tracker][master] Add CVE-2026-439790/erlang-cowlib

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d344cc82 by Salvatore Bonaccorso at 2026-05-14T11:39:34+02:00
Add CVE-2026-439790/erlang-cowlib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -285,7 +285,10 @@ CVE-2026-43998 (vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM'
 CVE-2026-43997 (vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is p ...)
 	NOT-FOR-US: Node.js vm2
 CVE-2026-43970 (Improper Handling of Highly Compressed Data (Data Amplification) vulne ...)
-	TODO: check
+	- erlang-cowlib <unfixed>
+	NOTE: https://cna.erlef.org/cves/CVE-2026-43970.html
+	NOTE: https://osv.dev/vulnerability/EEF-CVE-2026-43970
+	NOTE: https://github.com/ninenines/cowlib/commit/16aad3fb9f81f5cda4d1706ff0c54237c619c282 (2.16.1)
 CVE-2026-42961 (ELECOM wireless LAN access point devices implement CSRF protection mec ...)
 	NOT-FOR-US: ELECOM wireless LAN access point devices
 CVE-2026-42950 (ELECOM wireless LAN access point devices do not check if language para ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d344cc829319ddb318e97ac46e681f3b9144b1d5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d344cc829319ddb318e97ac46e681f3b9144b1d5
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260514/75ad12cb/attachment.htm>