Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
119a0318 by Moritz Muehlenhoff at 2026-05-05T09:10:29+02:00
new spring issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2368,11 +2368,16 @@ CVE-2026-26015 (DocsGPT is a GPT-powered chat for
documentation. From version 0.
CVE-2026-25852 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
NOT-FOR-US: Acronis
CVE-2026-22745 (Spring MVC and WebFlux applications are vulnerable to Denial
of Servic ...)
- TODO: check
+ - libspring-java <not-affected> (Windows-specific)
+ NOTE: https://spring.io/security/cve-2026-22745
CVE-2026-22741 (Spring MVC and WebFlux applications are vulnerable to cache
poisoning ...)
- TODO: check
+ - libspring-java <unfixed> (unimportant)
+ NOTE: https://spring.io/security/cve-2026-22741
+ NOTE: Only supported for building applications shipped in Debian, see
README.Debian.security
CVE-2026-22740 (A WebFlux server application that processes multipart requests
creates ...)
- TODO: check
+ - libspring-java <unfixed> (unimportant)
+ NOTE: https://spring.io/security/cve-2026-22740
+ NOTE: Only supported for building applications shipped in Debian, see
README.Debian.security
CVE-2026-0206 (A post-authentication Stack-based Buffer Overflow
vulnerabilities in S ...)
NOT-FOR-US: SonicWall
CVE-2026-0205 (A post-authentication Path Traversal vulnerability in SonicOS
allows a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/119a03184b0fb0a06f4d02a7c735767319097172
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/119a03184b0fb0a06f4d02a7c735767319097172
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits