Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1374b27f by Salvatore Bonaccorso at 2026-02-21T11:17:28+01:00
Add CVE-2026-21620/erlang
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -437,7 +437,12 @@ CVE-2026-22341 (Authentication Bypass Using an Alternate
Path or Channel vulnera
CVE-2026-21627 (The vulnerability was rooted in how the Tassos Framework
plugin handle ...)
NOT-FOR-US: Joomla
CVE-2026-21620 (Relative Path Traversal, Improper Isolation or
Compartmentalization vu ...)
- TODO: check
+ - erlang <unfixed>
+ NOTE:
https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp
+ NOTE: https://github.com/erlang/otp/pull/10706
+ NOTE: Fixed by (merge):
https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a
(OTP-28.3.2)
+ NOTE: Fixed by (merge):
https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e
(OTP-27.3.4.8)
+ NOTE: Fixed by (merge):
https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344
(OTP-26.2.5.17)
CVE-2026-20761 (A vulnerability exists in EnOcean SmartServer IoT version
4.60.009 and ...)
NOT-FOR-US: EnOcean SmartServer IoT
CVE-2026-1842 (HyperCloud versions 2.3.5 through 2.6.8 improperly allowed
refresh tok ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1374b27f1513f197342059ed4b9ee7964c17be12
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1374b27f1513f197342059ed4b9ee7964c17be12
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
