Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7635d324 by Salvatore Bonaccorso at 2026-01-08T22:55:00+01:00
Add CVE-2026-21860/python-werkzeug
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -96,7 +96,9 @@ CVE-2026-21872 (NiceGUI is a Python-based UI framework. From
versions 2.22.0 to
CVE-2026-21871 (NiceGUI is a Python-based UI framework. From versions 2.13.0
to 3.4.1, ...)
NOT-FOR-US: NiceGUI
CVE-2026-21860 (Werkzeug is a comprehensive WSGI web application library.
Prior to ver ...)
- TODO: check
+ - python-werkzeug <not-affected> (Only affects werkzeug on Windows)
+ NOTE:
https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7
+ NOTE: Fixed by:
https://github.com/pallets/werkzeug/commit/37797aba260022c871718e0908b472727d366d09
(3.1.5)
CVE-2026-21639 (A malicious actor in Wi-Fi range of the affected product could
leverag ...)
NOT-FOR-US: airFiber AF60
CVE-2026-21638 (A malicious actor in Wi-Fi range of the affected product could
leverag ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7635d3243073044ae441c4733d6a10d5f042a94b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7635d3243073044ae441c4733d6a10d5f042a94b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
