Add CVE-2023-26130/cpp-httplib

author: Salvatore Bonaccorso <carnil@debian.org> 2023-06-03 09:11:53 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-06-03 09:11:53 +0200
commit: ff58bac794029374b424e26709db9bbde86407dd (patch)
tree: 77e8486aea4cbe986af2b36198a26031e720fbe5 /data
parent: 50c1a4ba6ac53eace9b54c00a45820c8efc8c826 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index f96c6fa4b3..725360a37f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -18005,7 +18005,10 @@ CVE-2023-26132
 CVE-2023-26131 (All versions of the package github.com/xyproto/algernon/engine; all ve ...)
 	TODO: check
 CVE-2023-26130 (Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerab ...)
-	TODO: check
+	- cpp-httplib <unfixed>
+	NOTE: https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-5591194
+	NOTE: https://gist.github.com/dellalibera/094aece17a86069a7d27f93c8aba2280
+	NOTE: https://github.com/yhirose/cpp-httplib/commit/5b397d455d25a391ba346863830c1949627b4d08 (v0.12.4)
 CVE-2023-26129 (All versions of the package bwm-ng are vulnerable to Command Injection ...)
 	NOT-FOR-US: bwm-ng Nodejs module (not the same as src:bwm-ng)
 CVE-2023-26128 (All versions of the package keep-module-latest are vulnerable to Comma ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2023-06-03 09:11:53 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-06-03 09:11:53 +0200
commit	ff58bac794029374b424e26709db9bbde86407dd (patch)
tree	77e8486aea4cbe986af2b36198a26031e720fbe5 /data
parent	50c1a4ba6ac53eace9b54c00a45820c8efc8c826 (diff)