[Git][security-tracker-team/security-tracker][master] Process two new issues in quickjs(-ng)

Sat, 10 Jan 2026 22:26:48 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d5e79d14 by Salvatore Bonaccorso at 2026-01-11T07:26:01+01:00
Process two new issues in quickjs(-ng)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,17 @@ CVE-2026-0831 (The Templately plugin for WordPress is 
vulnerable to Arbitrary Fi
 CVE-2026-0824 (A security flaw has been discovered in questdb ui up to 1.11.9. 
Impact ...)
        NOT-FOR-US: questdb ui
 CVE-2026-0822 (A vulnerability was identified in quickjs-ng quickjs up to 
0.11.0. Thi ...)
-       TODO: check
+       - quickjs <unfixed>
+       NOTE: https://github.com/quickjs-ng/quickjs/issues/1297
+       NOTE: https://github.com/quickjs-ng/quickjs/pull/1298
+       NOTE: Fixed by: 
https://github.com/quickjs-ng/quickjs/commit/53eefbcd695165a3bd8c584813b472cb4a69fbf5
+       TODO: check, if inpacts quickjs actually or only the itp'ed quickjs-ng, 
#1120722
 CVE-2026-0821 (A vulnerability was determined in quickjs-ng quickjs up to 
0.11.0. Thi ...)
-       TODO: check
+       - quickjs <unfixed>
+       NOTE: https://github.com/quickjs-ng/quickjs/issues/1296
+       NOTE: https://github.com/quickjs-ng/quickjs/pull/1299
+       NOTE: Fixed by: 
https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5
+       TODO: check, if inpacts quickjs actually or only the itp'ed quickjs-ng, 
#1120722
 CVE-2025-62235 (Authentication Bypass by Spoofing vulnerability in Apache 
NimBLE.  Rec ...)
        TODO: check
 CVE-2025-53477 (NULL Pointer Dereference vulnerability in Apache Nimble.  
Missing vali ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5e79d145d6b62c33c5b50f1f8b60ae3ce50fe24

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5e79d145d6b62c33c5b50f1f8b60ae3ce50fe24
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to