Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cac40105 by Salvatore Bonaccorso at 2025-02-14T20:38:57+01:00 Add new node-dompurify issue (CVE-2025-26791) - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,8 @@ +CVE-2025-26791 [conditional and config dependent mXSS-style bypass] + - node-dompurify <unfixed> + [bookworm] - node-dompurify <no-dsa> (Minor issue) + NOTE: Fixed by: https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02 (3.2.4) + NOTE: https://ensy.zip/posts/dompurify-323-bypass/ CVE-2025-26789 (An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerabili ...) NOT-FOR-US: Logpoint AgentX CVE-2025-26788 (StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cac40105e3451f1b57796cb8c8a7fe524b65937d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cac40105e3451f1b57796cb8c8a7fe524b65937d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits