Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5fe3698b by Moritz Muehlenhoff at 2026-01-08T21:10:16+01:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36,15 +36,15 @@ CVE-2026-22035 (Greenshot is an open source Windows
screenshot utility. Versions
CVE-2026-21883 (Bokeh is an interactive visualization library written in
Python. In ve ...)
- python-bokeh <itp> (bug #756017)
CVE-2026-21881 (Kanboard is project management software focused on Kanban
methodology. ...)
- - kanboard <unfixed>
+ - kanboard <unfixed> (bug #1125061)
NOTE:
https://github.com/kanboard/kanboard/security/advisories/GHSA-wwpf-3j4p-739w
NOTE:
https://github.com/kanboard/kanboard/commit/7af6143e2ad25b5c15549cca8af4341c7ac4e2fc
(v1.2.49)
CVE-2026-21880 (Kanboard is project management software focused on Kanban
methodology. ...)
- - kanboard <unfixed>
+ - kanboard <unfixed> (bug #1125061)
NOTE:
https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7
NOTE:
https://github.com/kanboard/kanboard/commit/dd374079f7c2d1dab74c1680960e684ff8668586
(v1.2.49)
CVE-2026-21879 (Kanboard is project management software focused on Kanban
methodology. ...)
- - kanboard <unfixed>
+ - kanboard <unfixed> (bug #1125061)
NOTE:
https://github.com/kanboard/kanboard/security/advisories/GHSA-mhv9-7m9w-7hcq
NOTE:
https://github.com/kanboard/kanboard/commit/93bcae03301a6d34185a8dba977417e6b3de519f
(v1.2.49)
CVE-2026-21877 (n8n is an open source workflow automation platform. In
versions 0.121. ...)
@@ -52,7 +52,7 @@ CVE-2026-21877 (n8n is an open source workflow automation
platform. In versions
CVE-2026-21875 (ClipBucket v5 is an open source video sharing platform.
Versions 5.5.2 ...)
NOT-FOR-US: ClipBucket
CVE-2026-21869 (llama.cpp is an inference of several LLM models in C/C++. In
commits 5 ...)
- - llama.cpp <unfixed>
+ - llama.cpp <unfixed> (bug #1125060)
NOTE:
https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-8947-pfff-2f3c
CVE-2026-21868 (Flag Forge is a Capture The Flag (CTF) platform. Versions
2.3.2 and be ...)
NOT-FOR-US: Flag Forge
@@ -97,7 +97,7 @@ CVE-2026-21682 (iccDEV provides a set of libraries and tools
that allow for the
CVE-2026-21681 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
NOT-FOR-US: iccDEV
CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's
streaming API ...)
- - python-urllib3 <unfixed>
+ - python-urllib3 <unfixed> (bug #1125062)
NOTE:
https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
NOTE:
https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
(2.6.3)
CVE-2026-21427 (The installers for multiple products provided by PIONEER
CORPORATION c ...)
@@ -139,7 +139,7 @@ CVE-2025-14275 (The Jeg Elementor Kit plugin for WordPress
is vulnerable to Stor
CVE-2025-13679 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13151 (Stack-based buffer overflow in libtasn1 version: v4.20.0. The
function ...)
- - libtasn1-6 <unfixed>
+ - libtasn1-6 <unfixed> (bug #1125063)
NOTE: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121
CVE-2025-12776 (The Report Builder component of the application stores user
input dire ...)
NOT-FOR-US: Commvault
@@ -449,7 +449,7 @@ CVE-2025-13418 (The Responsive Pricing Table plugin for
WordPress is vulnerable
CVE-2025-12958 (The Rankology SEO and Analytics Tool plugin for WordPress is
vulnerabl ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12543 (A flaw was found in the Undertow HTTP server core, which is
used in Wi ...)
- - undertow <unfixed>
+ - undertow <unfixed> (bug #1125059)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2408784
CVE-2025-12540 (The ShareThis Dashboard for Google Analytics plugin for
WordPress is v ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe3698bc5212eeff1cfab701ae4d4edf4b2dd3e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe3698bc5212eeff1cfab701ae4d4edf4b2dd3e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
