Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0dda32c4 by Salvatore Bonaccorso at 2026-06-30T09:25:17+02:00
Add CVE-2026-55957/tomcat

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,7 +19,16 @@ CVE-2026-56808 (DGM3103SCT provided by AVTECH Security 
Corporation contains an O
 CVE-2026-56137 (RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. 
contain an OS ...)
        TODO: check
 CVE-2026-55957 (Missing Critical Step in Authentication vulnerability in 
Apache Tomcat ...)
-       TODO: check
+       - tomcat11 11.0.5-1
+       [trixie] - tomcat11 11.0.15-1~deb13u1
+       - tomcat10 10.1.40-1
+       [trixie] - tomcat10 10.1.52-1~deb13u1
+       [bookworm] - tomcat10 10.1.52-1~deb12u1
+       - tomcat9 9.0.70-2
+       NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server 
stack, using that as the fixed version
+       NOTE: 
https://github.com/apache/tomcat/commit/fd96ab415631eea44636c94f911dd38427070ef9
 (11.0.5)
+       NOTE: 
https://github.com/apache/tomcat/commit/0cd21c0393b8811af22daddbba7b4e7328e2d79e
 (10.1.37)
+       NOTE: 
https://github.com/apache/tomcat/commit/c32bbd37ea9ee0aaab848af4ee1c9a76e84240ea
 (9.0.101)
 CVE-2026-54889 (Improper Neutralization of Input During Web Page Generation 
(XSS) vuln ...)
        TODO: check
 CVE-2026-54888 (Uncontrolled Recursion vulnerability in leandrocp mdex allows 
denial o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dda32c426c0e5887a44b7c54f383065e60e9d7a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dda32c426c0e5887a44b7c54f383065e60e9d7a
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to