| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-4926 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Impact: A bad regular expression is generated any time you have multi ... |
| CVE-2026-4923 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Impact: When using multiple wildcards, combined with at least one par ... |
| CVE-2024-45296 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | path-to-regexp turns path strings into a regular expressions. In certa ... |