Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
048dffdc by Salvatore Bonaccorso at 2026-07-18T09:39:03+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49,13 +49,13 @@ CVE-2026-56740 (JLine is a Java library for handling
console input. Prior to 3.3
CVE-2026-56171 (Exposure of private personal information to an unauthorized
actor in W ...)
NOT-FOR-US: Microsoft
CVE-2026-55518 (Avo is a framework to create admin panels for Ruby on Rails
apps. Prio ...)
- TODO: check
+ NOT-FOR-US: Avo
CVE-2026-55254 (NCalc is a fast, lightweight expression evaluator for .NET.
Prior to 6 ...)
- TODO: check
+ NOT-FOR-US: NCalc
CVE-2026-54498 (view_component is a framework for building reusable, testable,
and enc ...)
- TODO: check
+ NOT-FOR-US: view_component framework
CVE-2026-54497 (view_component is a framework for building reusable, testable,
and enc ...)
- TODO: check
+ NOT-FOR-US: view_component framework
CVE-2026-54490 (websocket-driver is a WebSocket protocol handler with
pluggable I/O. P ...)
TODO: check
CVE-2026-54466 (websocket-driver is a WebSocket protocol handler with
pluggable I/O. P ...)
@@ -67,19 +67,19 @@ CVE-2026-54464 (### Impact If this library is used in
tandem with the `permessa
CVE-2026-54463 (websocket-driver is a WebSocket protocol handler with
pluggable I/O. P ...)
TODO: check
CVE-2026-54335 (Feathersjs is a framework for creating web APIs and real-time
applicat ...)
- TODO: check
+ NOT-FOR-US: Feathersjs
CVE-2026-54244 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-54243 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-54242 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-54171 (Excon is usable, fast, simple HTTP 1.1 for Ruby. Prior to
1.5.0, Excon ...)
TODO: check
CVE-2026-54163 (secure_headers manages application of security headers with
many safe ...)
TODO: check
CVE-2026-54159 (PrestaShop ps_facetedsearch is a module that adds layered
navigation f ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2026-53727 (css_parser is a Ruby CSS parser. From 2.2.0 until 3.0.0,
CssParser::Pa ...)
TODO: check
CVE-2026-52584 (Buffer Overflow vulnerability in libjxl v.0.11.2 and before
allows a l ...)
@@ -87,19 +87,19 @@ CVE-2026-52584 (Buffer Overflow vulnerability in libjxl
v.0.11.2 and before allo
CVE-2026-52348 (cool-admin-java 8.0.0 has a SQL injection vulnerability in the
order() ...)
TODO: check
CVE-2026-52203 (An issue in MCMS v.6.1.1 allows a remote attacker to obtain
sensitive ...)
- TODO: check
+ NOT-FOR-US: MCMS
CVE-2026-52199 (An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows
a remot ...)
- TODO: check
+ NOT-FOR-US: LTE Router
CVE-2026-51833 (Xenforo 2.3.8 is vulnerable to SSRF. Attackers that have
administrator ...)
- TODO: check
+ NOT-FOR-US: Xenforo
CVE-2026-50289 (systeminformation is a System and OS information library for
node.js. ...)
TODO: check
CVE-2026-50274 (Datadog dd-trace-go is a Go client library for Datadog
application per ...)
- TODO: check
+ NOT-FOR-US: Datadog dd-trace-go
CVE-2026-50272 (dd-trace is the Datadog APM client for Node.js. Prior to
5.100.0, W3C ...)
- TODO: check
+ NOT-FOR-US: Datadog dd-trace
CVE-2026-50271 (Datadog dd-trace-py is the Datadog Python APM client. Prior to
4.8.2, ...)
- TODO: check
+ NOT-FOR-US: Datadog dd-trace-py
CVE-2026-50197 (Skipper is an HTTP router and reverse proxy for service
composition. P ...)
TODO: check
CVE-2026-50163 (oras-go is a Go library for managing OCI artifacts. Prior to
2.6.2, en ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/048dffdc7aa4cf15706d3a7442f970a71aa10bca
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/048dffdc7aa4cf15706d3a7442f970a71aa10bca
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits