Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3e43a77 by Salvatore Bonaccorso at 2026-06-03T22:12:36+02:00
Add CVE-2026-6657/jupyter-server
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,7 +15,8 @@ CVE-2026-8874 (Version 3.0.7 of the Securly Chrome Extension
downloads JSON file
CVE-2026-7888 (Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection
via uns ...)
NOT-FOR-US: Concrete CMS
CVE-2026-6657 (A vulnerability in jupyter-server versions 1.12.0 through
2.17.0 allow ...)
- TODO: check
+ - jupyter-server <unfixed>
+ NOTE: https://huntr.com/bounties/18f642db-3569-43b3-b58d-ff97be4b09d7
CVE-2026-5241 (A vulnerability in the LightGlue model loading path of
huggingface/tra ...)
NOT-FOR-US: huggingface/transformers
CVE-2026-5078 (Impact: The morgan logging middleware's :remote-user token
extracts th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3e43a774a1d767360b8a3b945a5c478726c4cd0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3e43a774a1d767360b8a3b945a5c478726c4cd0
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
