[Git][security-tracker-team/security-tracker][master] Add new cpp-httplib issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 30 08:56:19 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3cd86d3 by Salvatore Bonaccorso at 2026-05-30T09:55:57+02:00
Add new cpp-httplib issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22,7 +22,8 @@ CVE-2026-46599 (The TIFF decoder does not place a limit on the size of PackBits-
 	NOTE: https://github.com/golang/go/issues/79577
 	NOTE: https://go-review.googlesource.com/c/image/+/759960
 CVE-2026-46527 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
-	TODO: check
+	- cpp-httplib <unfixed>
+	NOTE: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-hg3g-vrg8-578g
 CVE-2026-46385 (iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro arr ...)
 	TODO: check
 CVE-2026-46384 (iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro ...)
@@ -34,9 +35,11 @@ CVE-2026-45697 (Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20
 CVE-2026-45613 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
 	NOT-FOR-US: Rizin
 CVE-2026-45372 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
-	TODO: check
+	- cpp-httplib <unfixed>
+	NOTE: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-xjxg-64p4-vj4m
 CVE-2026-45352 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
-	TODO: check
+	- cpp-httplib <unfixed>
+	NOTE: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-h6wq-j5mv-f3q8
 CVE-2026-45324 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
 	NOT-FOR-US: Rizin
 CVE-2026-45294 (FreeScout is a free help desk and shared inbox built with PHP's Larave ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3cd86d3a28f6545259b287402a24f02ce93a834

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3cd86d3a28f6545259b287402a24f02ce93a834
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260530/6447b383/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list