Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64fba882 by security tracker role at 2026-05-05T19:13:59+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,77 +1,249 @@
-CVE-2026-43073 [x86-64: rename misleadingly named '__copy_user_nocache()'
function]
+CVE-2026-7865 (A hidden console command is vulnerable to command injection
flaw when ...)
+ TODO: check
+CVE-2026-7855 (A vulnerability was detected in D-Link DI-8100 16.07.26A1.
Affected by ...)
+ TODO: check
+CVE-2026-7854 (A security vulnerability has been detected in D-Link DI-8100
16.07.26A ...)
+ TODO: check
+CVE-2026-7853 (A weakness has been identified in D-Link DI-8100 16.07.26A1.
Affected ...)
+ TODO: check
+CVE-2026-7851 (A vulnerability was identified in D-Link DI-8100 16.07.26A1.
This affe ...)
+ TODO: check
+CVE-2026-7847 (A vulnerability was found in chatchat-space Langchain-Chatchat
up to 0 ...)
+ TODO: check
+CVE-2026-7846 (A vulnerability has been found in chatchat-space
Langchain-Chatchat up ...)
+ TODO: check
+CVE-2026-7845 (A flaw has been found in chatchat-space Langchain-Chatchat up
to 0.3.1 ...)
+ TODO: check
+CVE-2026-7844 (A vulnerability was detected in chatchat-space
Langchain-Chatchat up t ...)
+ TODO: check
+CVE-2026-7834 (A security vulnerability has been detected in EFM ipTIME
NAS1dual 1.5. ...)
+ TODO: check
+CVE-2026-7833 (A weakness has been identified in EFM ipTIME C200 up to 1.092.
This vu ...)
+ TODO: check
+CVE-2026-7832 (A security flaw has been discovered in IObit Advanced
SystemCare 19. T ...)
+ TODO: check
+CVE-2026-7778 (An issue that could allow a dashboard configuration to be
viewed from ...)
+ TODO: check
+CVE-2026-7412 (In Eclipse BaSyx Java Server SDK versions prior to
2.0.0-milestone-10, ...)
+ TODO: check
+CVE-2026-7411 (In Eclipse BaSyx Java Server SDK versions prior to
2.0.0-milestone-10, ...)
+ TODO: check
+CVE-2026-6918 (In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication
remote a ...)
+ TODO: check
+CVE-2026-6322 (fast-uri normalize() decoded percent-encoded authority
delimiters insi ...)
+ TODO: check
+CVE-2026-6262 (The Betheme theme for WordPress is vulnerable to Arbitrary File
Deleti ...)
+ TODO: check
+CVE-2026-6261 (The Betheme theme for WordPress is vulnerable to Arbitrary File
Upload ...)
+ TODO: check
+CVE-2026-4304 (The WeePie Cookie Allow plugin for WordPress is vulnerable to
SQL Inje ...)
+ TODO: check
+CVE-2026-43574 (OpenClaw before 2026.4.12 contains an improper authorization
vulnerabi ...)
+ TODO: check
+CVE-2026-43573 (OpenClaw before 2026.4.10 contains a server-side request
forgery polic ...)
+ TODO: check
+CVE-2026-43572 (OpenClaw versions 2026.4.10 before 2026.4.14 contain a missing
authori ...)
+ TODO: check
+CVE-2026-43571 (OpenClaw before 2026.4.10 contains a plugin trust bypass
vulnerability ...)
+ TODO: check
+CVE-2026-43570 (OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink
traversa ...)
+ TODO: check
+CVE-2026-43569 (OpenClaw before 2026.4.9 contains an authentication bypass
vulnerabili ...)
+ TODO: check
+CVE-2026-43568 (OpenClaw versions 2026.4.5 before 2026.4.10 contain a
privilege escala ...)
+ TODO: check
+CVE-2026-43567 (OpenClaw before 2026.4.10 contains a path traversal
vulnerability in t ...)
+ TODO: check
+CVE-2026-43566 (OpenClaw versions 2026.4.7 before 2026.4.14 contain a
privilege escala ...)
+ TODO: check
+CVE-2026-43535 (OpenClaw before 2026.4.14 contains an authorization context
reuse vuln ...)
+ TODO: check
+CVE-2026-43534 (OpenClaw before 2026.4.10 contains an input validation
vulnerability t ...)
+ TODO: check
+CVE-2026-43533 (OpenClaw before 2026.4.10 contains an arbitrary file read
vulnerabilit ...)
+ TODO: check
+CVE-2026-43532 (OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize
Discord ...)
+ TODO: check
+CVE-2026-43531 (OpenClaw before 2026.4.9 contains an environment variable
injection vu ...)
+ TODO: check
+CVE-2026-43530 (OpenClaw versions 2026.2.23 before 2026.4.12 contain a
weakened exec a ...)
+ TODO: check
+CVE-2026-43529 (OpenClaw before 2026.4.10 contains a time-of-check-time-of-use
vulnera ...)
+ TODO: check
+CVE-2026-43528 (OpenClaw before 2026.4.14 contains a redaction bypass
vulnerability th ...)
+ TODO: check
+CVE-2026-43527 (OpenClaw before 2026.4.14 contains a server-side request
forgery vulne ...)
+ TODO: check
+CVE-2026-43526 (OpenClaw before 2026.4.12 contains a server-side request
forgery vulne ...)
+ TODO: check
+CVE-2026-43002 (An issue was discovered in OpenStack Horizon 25.6 and 25.7
before 25.7 ...)
+ TODO: check
+CVE-2026-42997 (An issue was discovered in idrac in OpenStack Ironic before
35.0.1. Du ...)
+ TODO: check
+CVE-2026-42439 (OpenClaw before 2026.4.10 contains a server-side request
forgery polic ...)
+ TODO: check
+CVE-2026-42438 (OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender
policy by ...)
+ TODO: check
+CVE-2026-42437 (OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial
of servic ...)
+ TODO: check
+CVE-2026-42436 (OpenClaw before 2026.4.14 contains an improper access control
vulnerab ...)
+ TODO: check
+CVE-2026-42435 (OpenClaw versions from 2026.2.22 before 2026.4.12 contain an
insuffici ...)
+ TODO: check
+CVE-2026-42434 (OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox
escape v ...)
+ TODO: check
+CVE-2026-42433 (OpenClaw before 2026.4.10 contains an authorization bypass
vulnerabili ...)
+ TODO: check
+CVE-2026-3601 (The User Registration & Membership plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2026-3359 (The Form Maker by 10Web \u2013 Mobile-Friendly Drag & Drop
Contact For ...)
+ TODO: check
+CVE-2026-39103 (Buffer Overflow vulnerability in GPAC before commit
v391dc7f4d234988ea ...)
+ TODO: check
+CVE-2026-38432 (ERPNext v15.103.1 and before is vulnerable to Cross Site
Scripting (XS ...)
+ TODO: check
+CVE-2026-38431 (ERPNext v15.103.1 and before is vulnerable to Server-Side
Template Inj ...)
+ TODO: check
+CVE-2026-38429 (OpenCMS v20 and before is vulnerable to XML External Entity
(XXE) in t ...)
+ TODO: check
+CVE-2026-38428 (Kestra v1.3.3 and before is vulnerable to SQL Injection. The
vulnerabi ...)
+ TODO: check
+CVE-2026-36356 (The GoAhead web server on MeiG Smart FORGE_SLT711 devices
(firmware MD ...)
+ TODO: check
+CVE-2026-36355 (The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x
Jungle SDK (a ...)
+ TODO: check
+CVE-2026-34408 (An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02
v1.0.0 f ...)
+ TODO: check
+CVE-2026-32689 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
+ TODO: check
+CVE-2026-31835 (Vaultwarden is a Bitwarden-compatible server written in Rust.
In versi ...)
+ TODO: check
+CVE-2026-31196 (The traceroute diagnostic handler in /bin/httpd_clientside for
ALTICE ...)
+ TODO: check
+CVE-2026-31195 (The ping diagnostic handler in /bin/httpd_clientside for
ALTICE LABS / ...)
+ TODO: check
+CVE-2026-30923 (ModSecurity is an open source, cross platform web application
firewall ...)
+ TODO: check
+CVE-2026-30246 (Fiber is a web framework for Go. In
github.com/gofiber/fiber/v3 versio ...)
+ TODO: check
+CVE-2026-29168 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
+ TODO: check
+CVE-2026-28510 (eLabFTW is an open source electronic lab notebook. In elabftw
versions ...)
+ TODO: check
+CVE-2026-27960 (OpenCTI is an open source platform for managing cyber threat
intellige ...)
+ TODO: check
+CVE-2026-27694 (Traccar is an open source GPS tracking system. In
org.traccar:traccar ...)
+ TODO: check
+CVE-2026-27693 (Traccar is an open source GPS tracking system. In
org.traccar:traccar ...)
+ TODO: check
+CVE-2026-27644 (Traccar is an open source GPS tracking system. In versions
between 6.1 ...)
+ TODO: check
+CVE-2026-25589 (RedisBloom is a probabilistic data structures module for
Redis. In all ...)
+ TODO: check
+CVE-2026-25588 (RedisTimeSeries is a time-series module for Redis. In all
versions bef ...)
+ TODO: check
+CVE-2026-25243 (Redis is an in-memory data structure store. In versions of
redis-serve ...)
+ TODO: check
+CVE-2026-23631 (Redis is an in-memory data structure store. In all versions of
redis-s ...)
+ TODO: check
+CVE-2026-23479 (Redis is an in-memory data structure store. In redis-server
from 7.2.0 ...)
+ TODO: check
+CVE-2025-66369 (An issue was discovered in MM in Samsung Mobile Processor,
Wearable Pr ...)
+ TODO: check
+CVE-2025-61669 (Jupyter Server is the backend for Jupyter web applications. In
jupyter ...)
+ TODO: check
+CVE-2025-52206 (ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS)
via the sy ...)
+ TODO: check
+CVE-2025-42611 (RouterOS provides various services that rely on correct
verification o ...)
+ TODO: check
+CVE-2023-54349 (AmazCart CMS 3.4 contains a reflected cross-site scripting
vulnerabili ...)
+ TODO: check
+CVE-2023-54348 (ERPGo SaaS 3.9 contains a CSV injection vulnerability that
allows auth ...)
+ TODO: check
+CVE-2023-54347 (OpenEMR 7.0.1 contains an authentication brute force
vulnerability tha ...)
+ TODO: check
+CVE-2023-54346 (WordPress Plugin Backup Migration 1.2.8 contains an
information disclo ...)
+ TODO: check
+CVE-2023-54345 (Frappe Framework ERPNext 13.4.0 contains a sandbox escape
vulnerabilit ...)
+ TODO: check
+CVE-2023-54344 (Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code
executio ...)
+ TODO: check
+CVE-2023-54342 (Eclipse Equinox OSGi versions 3.8 through 3.18 contain a
remote code e ...)
+ TODO: check
+CVE-2026-43073 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.19.14-1
[trixie] - linux 6.12.85-1
NOTE:
https://git.kernel.org/linus/d187a86de793f84766ea40b9ade7ac60aabbb4fe (7.1-rc1)
-CVE-2026-43072 [drm/vc4: platform_get_irq_byname() returns an int]
+CVE-2026-43072 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.19.14-1
[trixie] - linux 6.12.85-1
NOTE:
https://git.kernel.org/linus/e597a809a2b97e927060ba182f58eb3e6101bc70 (7.1-rc1)
-CVE-2026-43071 [dcache: Limit the minimal number of bucket to two]
+CVE-2026-43071 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.19.14-1
[trixie] - linux 6.12.85-1
NOTE:
https://git.kernel.org/linus/f08fe8891c3eeb63b73f9f1f6d97aa629c821579 (7.1-rc1)
-CVE-2026-43070 [bpf: Reset register ID for BPF_END value tracking]
+CVE-2026-43070 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.19.11-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/a3125bc01884431d30d731461634c8295b6f0529 (7.0-rc5)
-CVE-2026-43067 [ext4: handle wraparound when searching for blocks for indirect
mapped blocks]
+CVE-2026-43067 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.19.11-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bb81702370fad22c06ca12b6e1648754dbc37e0f (7.0-rc6)
-CVE-2026-43065 [ext4: always drain queued discard work in ext4_mb_release()]
+CVE-2026-43065 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9ee29d20aab228adfb02ca93f87fb53c56c2f3af (7.0-rc6)
-CVE-2026-43064 [dmaengine: idxd: Fix not releasing workqueue on .release()]
+CVE-2026-43064 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3d33de353b1ff9023d5ec73b9becf80ea87af695 (7.0-rc6)
-CVE-2026-43063 [xfs: don't irele after failing to iget in
xfs_attri_recover_work]
+CVE-2026-43063 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/70685c291ef82269180758130394ecdc4496b52c (7.0-rc6)
-CVE-2026-43069 [Bluetooth: hci_ll: Fix firmware leak on error path]
+CVE-2026-43069 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/31148a7be723aa9f2e8fbd62424825ab8d577973 (7.0-rc6)
-CVE-2026-43068 [ext4: avoid allocate block from corrupted group in
ext4_mb_find_by_goal()]
+CVE-2026-43068 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/46066e3a06647c5b186cc6334409722622d05c44 (7.0-rc6)
-CVE-2026-43066 [ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths]
+CVE-2026-43066 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.19.11-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/ec0a7500d8eace5b4f305fa0c594dd148f0e8d29 (7.0-rc6)
-CVE-2026-43059 [Bluetooth: MGMT: Fix list corruption and UAF in command
complete handlers]
+CVE-2026-43059 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.19.10-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/17f89341cb4281d1da0e2fb0de5406ab7c4e25ef (7.0-rc5)
-CVE-2026-43062 [Bluetooth: L2CAP: Fix type confusion in
l2cap_ecred_reconf_rsp()]
+CVE-2026-43062 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.19.10-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/15145675690cab2de1056e7ed68e59cbd0452529 (7.0-rc5)
-CVE-2026-43061 [serial: 8250: Fix TX deadlock when using DMA]
+CVE-2026-43061 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.19.10-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/a424a34b8faddf97b5af41689087e7a230f79ba7 (7.0-rc5)
-CVE-2026-43060 [netfilter: nft_ct: drop pending enqueued packets on removal]
+CVE-2026-43060 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.19.10-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
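Review bot: The description imported for CVE-2026-3359 carries a literal `\u2013` escape ("Form Maker by 10Web \u2013 Mobile-Friendly ...") where a dash character belongs, so the import step should decode escapes in the source text before writing to data/CVE/list. Separately, replacing the bracketed commit subjects on the kernel entries (CVE-2026-43073 through CVE-2026-43060) with the truncated CVE text leaves descriptions that differ only in their final letter ("resolved: x ...", "resolved: e ..."), so the git.kernel.org NOTE lines are now the only thing in the file that tells these entries apart.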
@@ -81,19 +253,19 @@ CVE-2026-6502
[bookworm] - qemu <not-affected> (Vulnerable code not present)
NOTE: Introduced with:
https://gitlab.com/qemu-project/qemu/-/commit/7c092f17cceef10258ed23006b40e19b14996471
(v9.2.0-rc0)
NOTE: Fixed by:
https://gitlab.com/qemu-project/qemu/-/commit/30fad722ce68316d22b926ba0e6017f0440465df
-CVE-2026-6907
+CVE-2026-6907 (An issue was discovered in 6.0 before 6.0.5 and 5.2 before
5.2.14. `dj ...)
- python-django 3:5.2.14-1 (bug #1135755)
NOTE:
https://www.djangoproject.com/weblog/2026/may/05/security-releases/
NOTE: Fixed by:
https://github.com/django/django/commit/2115d4eaee15107f5cd290d7cfcc5ffe3ad43661
(5.2.14)
-CVE-2026-35192
+CVE-2026-35192 (An issue was discovered in 6.0 before 6.0.5 and 5.2 before
5.2.14. Res ...)
- python-django 3:5.2.14-1 (bug #1135755)
NOTE:
https://www.djangoproject.com/weblog/2026/may/05/security-releases/
NOTE: Fixed by:
https://github.com/django/django/commit/47cf968c125e3fab317e10fe150ec479e745f995
(5.2.14)
-CVE-2026-5766
+CVE-2026-5766 (An issue was discovered in 6.0 before 6.0.5 and 5.2 before
5.2.14. ASG ...)
- python-django 3:5.2.14-1 (bug #1135755)
NOTE:
https://www.djangoproject.com/weblog/2026/may/05/security-releases/
NOTE: Fixed by:
https://github.com/django/django/commit/2ec27eda3ba6c14f0856e6e3eb1df07c41fd95e6
(5.2.14)
-CVE-2026-43869
+CVE-2026-43869 (Improper Validation of Certificate with Host Mismatch
vulnerability in ...)
[experimental] - thrift 0.23.0-1
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/05/3
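Review bot: The descriptions added for CVE-2026-6907, CVE-2026-35192 and CVE-2026-5766 begin "An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14" with no product name, so the affected software can be identified only from the `- python-django` line and the djangoproject.com NOTE. If the name is also absent from the CVE record itself, that is worth reporting to the record's source; in the meantime the package and NOTE lines should not be trimmed from these entries.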
@@ -508,7 +680,7 @@ CVE-2025-13618 (The Mentoring plugin for WordPress is
vulnerable to privilege es
NOT-FOR-US: WordPress plugin
CVE-2025-13605 (3onedata modbus gateway device modelGW1101-1D(RS-485)-TB-P
(hardware v ...)
NOT-FOR-US: 3onedata modbus gateway
-CVE-2026-43870
+CVE-2026-43870 (Origin Validation Error, Improper Limitation of a Pathname to
a Restri ...)
[experimental] - thrift 0.23.0-1
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/05/4
@@ -522,7 +694,7 @@ CVE-2025-70069 (An issue in Assimp v.6.0.2 allows a remote
attacker to cause a d
CVE-2025-70067 (Buffer Overflow vulnerability exists in Assimp versions up to
6.0.2 in ...)
- assimp <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2465308
-CVE-2026-43868
+CVE-2026-43868 (Memory Allocation with Excessive Size Value vulnerability in
Apache Th ...)
[experimental] - thrift 0.23.0-1
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/05/2
@@ -10930,7 +11102,7 @@ CVE-2026-34003 (A flaw was found in the X.Org X
server's XKB key types request v
NOTE: https://lists.x.org/archives/xorg-announce/2026-April/003677.html
NOTE: Fixed by:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/b85b00dd7b9eee05e3c12e7ad1fce4fc6671507b
NOTE: Fixed by:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/d38c563fab5c4a554e0939da39e4d1dadef7cbae
-CVE-2026-34002 [XKB Out-of-bounds read in CheckModifierMap()]
+CVE-2026-34002 (A flaw was found in the X.Org X server. This vulnerability, an
out-of- ...)
- xorg-server 2:21.1.22-1
[trixie] - xorg-server <no-dsa> (Minor issue, will be fixed via point
release)
[bookworm] - xorg-server <no-dsa> (Minor issue, will be fixed via point
release)
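Review bot: The new description for CVE-2026-34002 is cut off at "an out-of- ..." and no longer names CheckModifierMap(), which the removed bracketed title did. A NOTE line recording the affected function would keep this entry distinguishable from the neighbouring X.Org X server entries (CVE-2026-34003, CVE-2026-34001) without opening the linked announcement.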
@@ -10950,7 +11122,7 @@ CVE-2026-34001 (A flaw was found in the X.Org X server.
This use-after-free vuln
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://lists.x.org/archives/xorg-announce/2026-April/003677.html
NOTE: Fixed by:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f19ab94ba9c891d801231654267556dc7f32b5e0
-CVE-2026-34000 [XKB Out-of-bounds Read in CheckSetGeom()]
+CVE-2026-34000 (A flaw was found in the X.Org X server. This out-of-bounds
read vulner ...)
- xorg-server 2:21.1.22-1
[trixie] - xorg-server <no-dsa> (Minor issue, will be fixed via point
release)
[bookworm] - xorg-server <no-dsa> (Minor issue, will be fixed via point
release)
@@ -18850,7 +19022,7 @@ CVE-2025-10551 (A Stored Cross-site Scripting (XSS)
vulnerability affecting Docu
NOT-FOR-US: Dassault Systemes
CVE-2024-58342 (XenForo before 2.2.17 and 2.3.1 allows open redirect via a
specially c ...)
NOT-FOR-US: XenForo
-CVE-2026-34956
+CVE-2026-34956 (A flaw was found in Open vSwitch. When Open vSwitch is
configured with ...)
- openvswitch 3.7.1-1 (bug #1132449)
[trixie] - openvswitch <no-dsa> (Minor issue; can be fixed via point
release)
[bookworm] - openvswitch <no-dsa> (Minor issue; can be fixed via point
release)
@@ -28457,6 +28629,7 @@ CVE-2026-32612 (Statamic is a Laravel and Git powered
content management system
CVE-2026-32598 (OneUptime is a solution for monitoring and managing online
services. P ...)
NOT-FOR-US: OneUptime
CVE-2026-32597 (PyJWT is a JSON Web Token implementation in Python. Prior to
2.12.0, P ...)
+ {DLA-4564-1}
- pyjwt 2.12.1-1 (bug #1130662)
NOTE:
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f
NOTE: Fixed by:
https://github.com/jpadilla/pyjwt/commit/051ea341b5573fe3edcd53042f347929b92c2b92
(2.12.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64fba8826e4af4ec8fbf8555ae030821afadf65a