Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b7bd9c1e by Salvatore Bonaccorso at 2026-05-21T08:00:41+02:00
Correct association for CVE-2026-4802
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5521,7 +5521,11 @@ CVE-2026-6815 (An arbitrary file write vulnerability
exists in Casdoor's Local F
CVE-2026-6093 (Corteza contains a SQL injection vulnerability in its Microsoft
SQL Se ...)
NOT-FOR-US: Corteza
CVE-2026-4802 (A flaw was found in Cockpit. This vulnerability allows a remote
attack ...)
- NOT-FOR-US: Crabbox
+ - cockpit <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/19
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2451155
+ NOTE: Fixed by:
https://github.com/cockpit-project/cockpit/commit/e3a47d70f99a0dbbb427b3146ae9571cecc44296
(362)
+ NOTE: Testcase:
https://github.com/cockpit-project/cockpit/commit/7b401c90fd775dd89ffce194c947ff2e74f5e5ee
(362)
CVE-2026-45224 (Crabbox before 0.9.0 contains a path traversal vulnerability
in the Is ...)
NOT-FOR-US: Crabbox
CVE-2026-45223 (Crabbox before 0.9.0 contains an authentication bypass
vulnerability i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bd9c1e2a95137e18b3d937c73dd176f089c8d1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bd9c1e2a95137e18b3d937c73dd176f089c8d1
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
