[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 21 08:13:26 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7e3bd404 by security tracker role at 2026-05-21T07:13:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,141 @@
+CVE-2026-9152 (A missing authentication vulnerability exists in the Altium 365 Search ...)
+ TODO: check
+CVE-2026-9150 (A flaw was found in libsolv. This stack-based buffer overflow vulnerab ...)
+ TODO: check
+CVE-2026-9149 (A flaw was found in libsolv. This heap buffer overflow vulnerability o ...)
+ TODO: check
+CVE-2026-9144 (Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a stored ...)
+ TODO: check
+CVE-2026-9141 (Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authe ...)
+ TODO: check
+CVE-2026-9139 (Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-c ...)
+ TODO: check
+CVE-2026-9137 (The CSP report endpoint intended to limit logged CSP reports to 1 KB b ...)
+ TODO: check
+CVE-2026-9136 (A vulnerability was identified in the ShadowAttribute proposal creatio ...)
+ TODO: check
+CVE-2026-9133 (Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws ...)
+ TODO: check
+CVE-2026-9129 (A path traversal vulnerability exists in the Altium Enterprise Server ...)
+ TODO: check
+CVE-2026-9126 (Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allo ...)
+ TODO: check
+CVE-2026-9124 (Insufficient validation of untrusted input in Input in Google Chrome o ...)
+ TODO: check
+CVE-2026-9123 (Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ...)
+ TODO: check
+CVE-2026-9122 (Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778. ...)
+ TODO: check
+CVE-2026-9121 (Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 ...)
+ TODO: check
+CVE-2026-9120 (Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allo ...)
+ TODO: check
+CVE-2026-9119 (Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778 ...)
+ TODO: check
+CVE-2026-9118 (Use after free in XR in Google Chrome on Windows prior to 148.0.7778.1 ...)
+ TODO: check
+CVE-2026-9117 (Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148 ...)
+ TODO: check
+CVE-2026-9116 (Insufficient policy enforcement in ServiceWorker in Google Chrome on p ...)
+ TODO: check
+CVE-2026-9115 (Insufficient policy enforcement in Service Worker in Google Chrome on ...)
+ TODO: check
+CVE-2026-9114 (Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 all ...)
+ TODO: check
+CVE-2026-9113 (Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778. ...)
+ TODO: check
+CVE-2026-9112 (Use after free in GPU in Google Chrome on Windows prior to 148.0.7778. ...)
+ TODO: check
+CVE-2026-9111 (Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778 ...)
+ TODO: check
+CVE-2026-9110 (Inappropriate implementation in UI in Google Chrome on Windows prior t ...)
+ TODO: check
+CVE-2026-9102 (A path traversal vulnerability exists in the Altium Enterprise Server ...)
+ TODO: check
+CVE-2026-9082 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-8632 (A potential security vulnerability has been identified in the HP Linux ...)
+ TODO: check
+CVE-2026-8631 (A potential security vulnerability has been identified in the HP Linux ...)
+ TODO: check
+CVE-2026-8399
+ REJECTED
+CVE-2026-6279 (The Avada Builder (fusion-builder) plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2026-4811 (The WPB Floating Menu & Categories for WordPress \u2013 Sticky Side Me ...)
+ TODO: check
+CVE-2026-48172 (LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalat ...)
+ TODO: check
+CVE-2026-47782 (Android App "RoboForm Password Manager" provided by Siber Systems, Inc ...)
+ TODO: check
+CVE-2026-47099 (TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vuln ...)
+ TODO: check
+CVE-2026-45444 (Unrestricted Upload of File with Dangerous Type vulnerability in WP Sw ...)
+ TODO: check
+CVE-2026-40165 (authentik is an open-source identity provider. Versions 2025.12.4 and ...)
+ TODO: check
+CVE-2026-40102 (Plane is an open-source project management tool. In versions 1.3.0 and ...)
+ TODO: check
+CVE-2026-40094 (nimiq-blockchain provides persistent block storage for Nimiq's Rust im ...)
+ TODO: check
+CVE-2026-40092 (nimiq-blockchain provides persistent block storage for Nimiq's Rust im ...)
+ TODO: check
+CVE-2026-39960 (Mantis Bug Tracker (MantisBT) is an open source issue tracker. Version ...)
+ TODO: check
+CVE-2026-39850 (Yii 2 is a PHP application framework. Versions 2.0.54 and prior contai ...)
+ TODO: check
+CVE-2026-39405 (Frappe Learning Management System (LMS) is a learning system that help ...)
+ TODO: check
+CVE-2026-39352 (Frappe is a full-stack web application framework. Versions prior to 15 ...)
+ TODO: check
+CVE-2026-39311 (Trilium Notes is a cross-platform, hierarchical note taking applicatio ...)
+ TODO: check
+CVE-2026-39310 (Trilium Notes is a cross-platform, hierarchical note taking applicatio ...)
+ TODO: check
+CVE-2026-35016 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35015 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35014 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35013 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35012 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35011 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35010 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35009 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35008 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-35007 (Open ISES Tickets before 3.44.2 contains a reflected cross-site script ...)
+ TODO: check
+CVE-2026-33137 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+ TODO: check
+CVE-2026-2813 (ArcGIS Server contains an input validation weakness in the login redir ...)
+ TODO: check
+CVE-2026-2812 (ArcGIS Server contains an improper authentication vulnerability in an ...)
+ TODO: check
+CVE-2026-2734 (In mlflow/mlflow versions up to 3.9.0, the `SearchModelVersions` REST ...)
+ TODO: check
+CVE-2026-26028 (CryptPad is an end-to-end encrypted collaborative office suite. In ver ...)
+ TODO: check
+CVE-2026-24218 (NVIDIA DGX OS contains a vulnerability in the factory provisioning pro ...)
+ TODO: check
+CVE-2026-24217 (NVIDIA BioNeMo Core for Linux contains a vulnerability where a user co ...)
+ TODO: check
+CVE-2026-24216 (NVIDIA BioNemo for Linux contains a vulnerability where a user could c ...)
+ TODO: check
+CVE-2026-24188 (NVIDIA TensorRT contains a vulnerability where an attacker could cause ...)
+ TODO: check
+CVE-2026-23734 (XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc ...)
+ TODO: check
+CVE-2026-1881 (The Broadstreet plugin for WordPress is vulnerable to Insecure Direct ...)
+ TODO: check
+CVE-2026-1543 (The Avada (Fusion) Builder plugin for WordPress is vulnerable to Store ...)
+ TODO: check
CVE-2026-XXXX [ROHC protocol dissector crash]
- wireshark 4.6.6-1
[trixie] - wireshark <postponed> (Minor issue, fix along with future update)
@@ -48,11 +186,11 @@ CVE-2026-45753
- symfony 7.4.12+dfsg-1
CVE-2026-46626
- symfony 7.4.12+dfsg-1
-CVE-2026-47373
+CVE-2026-47373 (Crypt::SaltedHash versions through 0.09 for Perl is susceptible to tim ...)
- libcrypt-saltedhash-perl <unfixed>
NOTE: https://lists.security.metacpan.org/cve-announce/msg/40249915/
NOTE: Fixed by: https://github.com/robrwo/perl-Crypt-SaltedHash/commit/c07bfc5c23185b0667233d0f2e1252d81f1f027a (0.10)
-CVE-2026-47372
+CVE-2026-47372 (Crypt::SaltedHash versions through 0.09 for Perl generate insecure ran ...)
- libcrypt-saltedhash-perl <unfixed>
NOTE: https://lists.security.metacpan.org/cve-announce/msg/40252126/
NOTE: Fixed by: https://github.com/robrwo/perl-Crypt-SaltedHash/commit/9b68437d2cd420b819b3a795474c3870338d38d5 (0.10)
@@ -249,15 +387,19 @@ CVE-2026-42396
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-06.html#insufficient-validation-of-member-zone-data-may-cause-catalog-zone-transfer-to-fail
NOTE: https://github.com/PowerDNS/pdns/commit/d0bc49a5355906d21e06552b5e3fd87cd5c91406 (auth-5.0.5)
CVE-2026-3592 (BIND resolvers are vulnerable to an amplified resource consumption/exh ...)
+ {DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-3592
CVE-2026-3039 (BIND servers that are configured to use TKEY-based authentication via ...)
+ {DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-3039
CVE-2026-5946 (Multiple flaws have been identified in `named` related to the handling ...)
+ {DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-5946
CVE-2026-5950 (An unbounded resend loop vulnerability exists in the BIND 9 resolver s ...)
+ {DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-5950
CVE-2026-5947 (Undefined behavior may result due to a race condition leading to a use ...)
@@ -787,7 +929,7 @@ CVE-2026-46529
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/papers/-/commit/1b82bf627b4d8b414a57b55a9095e6d361799d6c
NOTE: No security impact in evince-gtk3 since affected code not built in binary package.
CVE-2026-8975 (Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -795,7 +937,7 @@ CVE-2026-8975 (Memory safety bugs present in Thunderbird 140.10 and Thunderbird
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8975
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8975
CVE-2026-8974 (Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -812,7 +954,7 @@ CVE-2026-8971 (Same-origin policy bypass in the Networking: JAR component. This
- firefox 151.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8971
CVE-2026-8970 (Privilege escalation in the Security component. This vulnerability was ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -823,7 +965,7 @@ CVE-2026-8969 (Mitigation bypass in the DOM: Security component. This vulnerabil
- firefox 151.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8969
CVE-2026-8968 (Denial-of-service due to invalid pointer in the Audio/Video: Web Codec ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -846,7 +988,7 @@ CVE-2026-8963 (Spoofing issue in the Web Speech component. This vulnerability wa
- firefox 151.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8963
CVE-2026-8962 (Mitigation bypass in the DOM: Security component. This vulnerability w ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -854,7 +996,7 @@ CVE-2026-8962 (Mitigation bypass in the DOM: Security component. This vulnerabil
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8962
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8962
CVE-2026-8961 (Spoofing issue in the Form Autofill component. This vulnerability was ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -872,7 +1014,7 @@ CVE-2026-8959 (Sandbox escape due to incorrect boundary conditions in the Widget
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8959
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8959
CVE-2026-8958 (Information disclosure, sandbox escape in the Security: Process Sandbo ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -880,7 +1022,7 @@ CVE-2026-8958 (Information disclosure, sandbox escape in the Security: Process S
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8958
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8958
CVE-2026-8957 (Privilege escalation in the Enterprise Policies component. This vulner ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -888,7 +1030,7 @@ CVE-2026-8957 (Privilege escalation in the Enterprise Policies component. This v
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8957
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8957
CVE-2026-8956 (Integer overflow in the Networking: JAR component. This vulnerability ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -896,7 +1038,7 @@ CVE-2026-8956 (Integer overflow in the Networking: JAR component. This vulnerabi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8956
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8956
CVE-2026-8955 (Privilege escalation in the DOM: Workers component. This vulnerability ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -904,7 +1046,7 @@ CVE-2026-8955 (Privilege escalation in the DOM: Workers component. This vulnerab
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8955
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8955
CVE-2026-8954 (Incorrect boundary conditions, integer overflow in the Audio/Video com ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -912,7 +1054,7 @@ CVE-2026-8954 (Incorrect boundary conditions, integer overflow in the Audio/Vide
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8954
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8954
CVE-2026-8953 (Sandbox escape due to use-after-free in the Disability Access APIs com ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -926,7 +1068,7 @@ CVE-2026-8951 (Spoofing issue in the Toolbar component in Firefox for Android. T
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8951
CVE-2026-8950 (Same-origin policy bypass in the Networking: HTTP component. This vuln ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -944,7 +1086,7 @@ CVE-2026-8948 (Same-origin policy bypass in the DOM: Networking component. This
- firefox 151.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8948
CVE-2026-8947 (Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerabi ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -952,7 +1094,7 @@ CVE-2026-8947 (Use-after-free in the DOM: Bindings (WebIDL) component. This vuln
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8947
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8947
CVE-2026-8946 (Incorrect boundary conditions in the Audio/Video: Web Codecs component ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 151.0-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -3313,7 +3455,7 @@ CVE-2026-42406 (A vulnerability exists in BIG-IP and BIG-IQ systems where a high
NOT-FOR-US: F5
CVE-2026-42290 (protobufjs-cli is the command line add-on for protobuf.js. Prior to 1. ...)
NOT-FOR-US: protobufjs-cli
-CVE-2026-42266 (jupyterlab is an extensible environment for interactive and reproducib ...)
+CVE-2026-42266 (JupyterLab is an extensible environment for interactive and reproducib ...)
- jupyterlab <unfixed>
NOTE: https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-37w4-hwhx-4rc4
CVE-2026-42063 (A vulnerability exists in iControl SOAP where an authenticated attacke ...)
@@ -4195,7 +4337,7 @@ CVE-2026-8429 (SPIP versions prior to 4.4.14 contain a remote code execution vul
CVE-2026-8407 (Missing authorization in the PAM module in Devolutions Server allows a ...)
NOT-FOR-US: Devolutions
CVE-2026-8401 (Sandbox escape in the Profile Backup component. This vulnerability was ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 150.0.3-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -4203,7 +4345,7 @@ CVE-2026-8401 (Sandbox escape in the Profile Backup component. This vulnerabilit
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8401
CVE-2026-8391 (Other issue in the JavaScript Engine component. This vulnerability was ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 150.0.3-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -4217,7 +4359,7 @@ CVE-2026-8389 (JIT miscompilation in the JavaScript Engine: JIT component. This
- firefox 150.0.3-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/#CVE-2026-8389
CVE-2026-8388 (Incorrect boundary conditions in the JavaScript Engine: JIT component. ...)
- {DSA-6283-1}
+ {DSA-6283-1 DLA-4592-1}
- firefox 150.0.3-1
- firefox-esr 140.11.0esr-1
- thunderbird 1:140.11.0esr-1
@@ -31816,7 +31958,7 @@ CVE-2026-33009 (EVerest is an EV charging software stack. Versions prior to 2026
NOT-FOR-US: EVerest
CVE-2026-32857 (Firecrawl version 2.8.0 and prior contain a server-side request forger ...)
NOT-FOR-US: Firecrawl
-CVE-2026-32846 (OpenClaw through 2026.3.23 (fixed in commit 4797bbc) contains a path t ...)
+CVE-2026-32846 (OpenClaw before 2026.3.28 contains a path traversal vulnerability in m ...)
NOT-FOR-US: OpenClaw
CVE-2026-32287 (Boolean XPath expressions that evaluate to true can cause an infinite ...)
- golang-github-antchfx-xpath 1.3.6-1
@@ -308201,7 +308343,7 @@ CVE-2023-46346 (In the module "Product Catalog (CSV, Excel, XML) Export PRO" (ex
NOT-FOR-US: PrestaShop module
CVE-2023-46158 (IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 co ...)
NOT-FOR-US: IBM
-CVE-2023-46136 (Werkzeug is a comprehensive WSGI web application library. If an upload ...)
+CVE-2023-46136 (Werkzeug is a comprehensive WSGI web application library. In versions ...)
[experimental] - python-werkzeug 3.0.1-1
- python-werkzeug 3.0.1-2 (bug #1054553)
[bookworm] - python-werkzeug 2.2.2-3+deb12u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e3bd4044ef780ab28e752bcc6695db9d16f1e13
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e3bd4044ef780ab28e752bcc6695db9d16f1e13
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260521/f4e1f8cc/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list