[Git][security-tracker-team/security-tracker][master] Add CVE-2026-44903/prometheus
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 29 21:07:41 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8fdde7f4 by Salvatore Bonaccorso at 2026-05-29T22:07:16+02:00
Add CVE-2026-44903/prometheus
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4670,7 +4670,9 @@ CVE-2026-44966 (Velocity.js is a JavaScript implementation of the Apache Velocit
CVE-2026-44905 (Vanetza is an open-source implementation of the ETSI C-ITS protocol su ...)
NOT-FOR-US: Vanetza
CVE-2026-44903 (Prometheus is an open-source monitoring system and time series databas ...)
- TODO: check
+ - prometheus <unfixed>
+ NOTE: https://github.com/prometheus/prometheus/security/advisories/GHSA-fw8g-cg8f-9j28
+ NOTE: Fixed by: https://github.com/prometheus/prometheus/commit/38f23b9075ced1de2b82d2dad8b2bebb1ecd5b7d
CVE-2026-44900 (epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telemat ...)
NOT-FOR-US: epa4all-client
CVE-2026-44899 (Mistune is a Python Markdown parser with renderers and plugins. Prior ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fdde7f4041301d5adde66da0b58a009ac240485
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fdde7f4041301d5adde66da0b58a009ac240485
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/047f86f4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list