[Git][security-tracker-team/security-tracker][master] Add two more node-xmldom CVEs

Thu, 07 May 2026 02:05:16 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7ffb6a58 by Salvatore Bonaccorso at 2026-05-07T11:04:20+02:00
Add two more node-xmldom CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -124,9 +124,23 @@ CVE-2026-41674 (xmldom is a pure JavaScript W3C 
standard-based (XML DOM Level 2
        NOTE: 
https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h
        NOTE: 
https://github.com/xmldom/xmldom/commit/372008f9ae0e20fd69f761c7b79e202598267314
 (0.9.10)
 CVE-2026-41673 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 
2 Core)  ...)
-       TODO: check
+       - node-xmldom 0.9.10-1
+       NOTE: 
https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw
+       NOTE: 
https://github.com/xmldom/xmldom/commit/4845ef109221df0890825de2822fbe77afba3afe
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/430357c7b6333108856e917bf2367afe5ceb6f8a
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/5cdb515630fa8ca25f840b3ff1420c045545af1b
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/e6edcab6bef5bcdba0b220bb35442aa72f452b84
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/17678a2a73ecbd1a2da90f3d47dc23da9cef81aa
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/291257493cb0eb6980eda83b162a9c4e6d7d2597
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/b0620383abc1df067f3ce1014c43ae1bc1161eeb
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/8834218c85ac2a4d757b9587c9028e67c2f7b6c3
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/8b7cfd1491314abdc347261921d7334ff15f7112
 (0.9.10)
+       NOTE: 
https://github.com/xmldom/xmldom/commit/2d6d6916ed8a4c223db1f6d7560ab4544c465b0f
 (0.9.10)
 CVE-2026-41672 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 
2 Core)  ...)
-       TODO: check
+       - node-xmldom 0.9.10-1
+       NOTE: 
https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8
+       NOTE: https://github.com/xmldom/xmldom/pull/987
+       NOTE: 
https://github.com/xmldom/xmldom/commit/fda7cc313de30243fea35cada64e0bb12099c2a1
 (0.9.10)
 CVE-2026-41671 (Admidio is an open-source user management solution. Prior to 
version 5 ...)
        NOT-FOR-US: Admidio
 CVE-2026-41670 (Admidio is an open-source user management solution. Prior to 
version 5 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ffb6a5830019bf828b7a8c262c5c13ac88d79ad

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ffb6a5830019bf828b7a8c262c5c13ac88d79ad
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to