Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4d70aa8b by Salvatore Bonaccorso at 2026-07-02T08:13:32+02:00
Add new icinga2 updates

Thanks: Marc Haber for reporting them.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2026-XXXX [GHSA-jgqj-x5j9-vgcm: Icinga 2 DSL Injection via Unescaped 
Import Template Name]
+       - icinga2 2.16.2-1
+       NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-jgqj-x5j9-vgcm
+CVE-2026-XXXX [GHSA-wh38-wg57-5w7g: Stack overflow via deeply nested JSON 
objects]
+       - icinga2 2.16.2-1
+       NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-wh38-wg57-5w7g
+CVE-2026-XXXX [GHSA-vj39-ww8j-vvx5: Improper access control for JSON-RPC 
update certificate messages]
+       - icinga2 2.16.2-1
+       NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-vj39-ww8j-vvx5
 CVE-2026-8857 (A vulnerability in Wikimedia Foundation timeline.   This 
vulnerability ...)
        NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
 CVE-2026-8480 (A vulnerability was discovered on Stormshield Network Security 
4.3.0 t ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d70aa8bc3d5c77ea94b32cd067ad49a66487617

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d70aa8bc3d5c77ea94b32cd067ad49a66487617
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to