Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
763d797f by Salvatore Bonaccorso at 2026-05-07T11:11:13+02:00
Add CVE-2026-33079/mistune
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -695,7 +695,10 @@ CVE-2026-34474 (Sensitive data exposure leading to
admin/WLAN credential leak in
CVE-2026-34473 (Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A,
H198A, ...)
NOT-FOR-US: ZTE
CVE-2026-33079 (In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS
(Regula ...)
- TODO: check
+ - mistune <unfixed>
+ [bookworm] - mistune <not-affected> (Vulnerable code not present)
+ [bullseye] - mistune <not-affected> (Vulnerable code not present)
+ NOTE:
https://github.com/lepture/mistune/security/advisories/GHSA-8mp2-v27r-99xp
CVE-2026-29090 (### Summary A SQL injection vulnerability exists in Rucio
versions 1. ...)
TODO: check
CVE-2026-29080 (A SQL injection vulnerability in
`FilterEngine.create_sqla_query()` al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/763d797fc15d9bb1e2de1b02aee139a30d7a24e9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/763d797fc15d9bb1e2de1b02aee139a30d7a24e9
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
