Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ceef7530 by Salvatore Bonaccorso at 2026-02-21T10:36:19+01:00
Associate CVE-2023-26920 with node-webfont
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -296391,7 +296391,10 @@ CVE-2023-26922 (SQL injection vulnerability found in
Varisicte matrix-gui v.2 al
CVE-2023-26921 (OS Command Injection vulnerability in quectel AG550QCN allows
attacker ...)
NOT-FOR-US: quectel
CVE-2023-26920 (fast-xml-parser before 4.1.2 allows __proto__ for Prototype
Pollution.)
- NOT-FOR-US: fast-xml-parser
+ - node-webfont <undetermined>
+ NOTE: https://gist.github.com/Sudistark/a5a45bd0804d522a1392cb5023aa7ef7
+ NOTE:
https://github.com/NaturalIntelligence/fast-xml-parser/commit/2b032a4f799c63d83991e4f992f1c68e4dd05804
(4.2.1)
+ NOTE: node-webfont provides node-fast-xml-parser
CVE-2023-26919 (delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to
sandbox escap ...)
NOT-FOR-US: delight-nashorn-sandbox
CVE-2023-26918 (Diasoft File Replication Pro 7.5.0 allows attackers to
escalate privil ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ceef7530f00faefaa06a9781a8da6e4d05a1bfbe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ceef7530f00faefaa06a9781a8da6e4d05a1bfbe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
