Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0d20113b by Salvatore Bonaccorso at 2026-06-12T22:41:30+02:00
Add another batch of netty issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -217,7 +217,8 @@ CVE-2026-46690 (unbounded_spsc is an "unbounded" extension 
of bounded_spsc_queue
 CVE-2026-46342 (Nuxt is an open-source web development framework for Vue.js. 
In Nuxt v ...)
        NOT-FOR-US: Nuxt
 CVE-2026-46340 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch
 CVE-2026-45833 (A code injection vulnerability in version 0.4.17 or later of 
the Chrom ...)
        NOT-FOR-US: ChromaDB Python
 CVE-2026-45832 (All V1 collection-level endpoints in ChromaDB's Python project 
pass No ...)
@@ -227,17 +228,21 @@ CVE-2026-45831 (The SimpleRBACAuthorizationProvider 
authorization provider in ve
 CVE-2026-45830 (A lack of authorization validation in version 0.4.17 or later 
of the C ...)
        NOT-FOR-US: ChromaDB Python
 CVE-2026-45674 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc
 CVE-2026-45673 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78
 CVE-2026-45670 (Nuxt is an open-source web development framework for Vue.js. 
In @nuxt/ ...)
        NOT-FOR-US: Nuxt
 CVE-2026-45669 (Nuxt is an open-source web development framework for Vue.js. 
From vers ...)
        NOT-FOR-US: Nuxt
 CVE-2026-45536 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-w573-9ffj-6ff9
 CVE-2026-45416 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh
 CVE-2026-44976 (Frappe is a full-stack web application framework. Prior to 
version 16. ...)
        NOT-FOR-US: Frappe
 CVE-2026-44975 (Frappe is a full-stack web application framework. Prior to 
versions 15 ...)
@@ -245,9 +250,11 @@ CVE-2026-44975 (Frappe is a full-stack web application 
framework. Prior to versi
 CVE-2026-44967 (OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. 
Prior to ...)
        TODO: check
 CVE-2026-44894 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-cmm3-54f8-px4j
 CVE-2026-44893 (Netty is a network application framework for development of 
protocol s ...)
-       TODO: check
+       - netty <unfixed>
+       NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv
 CVE-2026-44208 (Frappe is a full-stack web application framework. Prior to 
versions 15 ...)
        NOT-FOR-US: Frappe
 CVE-2026-44207 (Frappe is a full-stack web application framework. Prior to 
versions 15 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d20113b699f6f1c53cc83f062591c69510b0842

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d20113b699f6f1c53cc83f062591c69510b0842
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to