[Git][security-tracker-team/security-tracker][master] new jetty issues

Thu, 05 Mar 2026 23:20:18 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
54153015 by Moritz Muehlenhoff at 2026-03-06T08:19:37+01:00
new jetty issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -125,7 +125,8 @@ CVE-2026-21621 (Incorrect Authorization vulnerability in 
hexpm hexpm/hexpm ('Eli
 CVE-2026-1720 (The WowOptin: Next-Gen Popup Maker \u2013 Create Stunning 
Popups and O ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-1605 (In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, 
class Gzi ...)
-       TODO: check
+       - jetty12 12.0.32-1
+       NOTE: 
https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f
 CVE-2025-7375 (A denial-of-service (DoS) vulnerability was identified in Omada 
EAP610 ...)
        NOT-FOR-US: TPLink
 CVE-2025-70616 (A stack buffer overflow vulnerability exists in the Wincor 
Nixdorf wnB ...)
@@ -154,7 +155,10 @@ CVE-2025-13350 (Ubuntu Linux 6.8 GA retains the legacy 
AF_UNIX garbage collector
        - linux <not-affected> (Ubuntu-specific backport issue)
        NOTE: https://www.openwall.com/lists/oss-security/2026/03/05/7
 CVE-2025-11143 (The Jetty URI parser has some key differences to other common 
parsers  ...)
-       TODO: check
+       - jetty12 12.0.32-1
+       - jetty9 <unfixed>
+       - jetty <removed>
+       NOTE: 
https://github.com/jetty/jetty.project/security/advisories/GHSA-wjpw-4j6x-6rwh
 CVE-2024-43035 (Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to 
read arb ...)
        TODO: check
 CVE-2026-3523 (The Apocalypse Meow plugin for WordPress is vulnerable to SQL 
Injectio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/541530158fa94ca4fca6926644970b40ac7356fd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/541530158fa94ca4fca6926644970b40ac7356fd
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to