Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8806ca02 by Salvatore Bonaccorso at 2026-07-07T09:49:33+02:00
Track new hugo issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,20 @@ CVE-2026-59711 (showdown contains a cross-site scripting 
vulnerability in metada
 CVE-2026-59710 (showdown contains a stored cross-site scripting vulnerability 
in the p ...)
        TODO: check
 CVE-2026-58404 (Hugo is a static site generator. From v0.162.0 through 
v0.163.0, the d ...)
-       TODO: check
+       - hugo <unfixed>
+       NOTE: 
https://github.com/gohugoio/hugo/security/advisories/GHSA-r46f-3rpw-hxrv
+       NOTE: https://github.com/gohugoio/hugo/pull/15020
+       NOTE: Fixed by: 
https://github.com/gohugoio/hugo/commit/a00b5c72ac57afe26df6688ece3ca544a56df372
 (v0.163.1)
 CVE-2026-58403 (Hugo is a static site generator. From v0.123.0 through 
v0.163.0, Hugo' ...)
-       TODO: check
+       - hugo <unfixed>
+       NOTE: 
https://github.com/gohugoio/hugo/security/advisories/GHSA-c3wq-j5vh-68rc
+       NOTE: https://github.com/gohugoio/hugo/pull/15020
+       NOTE: Fixed by: 
https://github.com/gohugoio/hugo/commit/cf9c8f93ca2a2838ce378f9e36d052ac2f79e229
 (v0.163.1)
 CVE-2026-58402 (Hugo is a static site generator. From 0.60.0 until 0.163.3, 
Hugo's def ...)
-       TODO: check
+       - hugo <unfixed>
+       NOTE: 
https://github.com/gohugoio/hugo/security/advisories/GHSA-q76j-gcg9-vxc6
+       NOTE: https://github.com/gohugoio/hugo/pull/15051
+       NOTE: Fixed by: 
https://github.com/gohugoio/hugo/commit/ce1a7e0bce3713af40496ded3c2c0ceeed49231d
 (v0.163.3)
 CVE-2026-58315 (Cross-site request forgery vulnerability exists in SEIKO EPSON 
Web Con ...)
        NOT-FOR-US: SEIKO
 CVE-2026-57871 (Relative path traversal vulnerability in MicroRealEstate file 
upload f ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8806ca0235df9b552697ebba076b5671e37d746f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8806ca0235df9b552697ebba076b5671e37d746f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to