Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0dd6454a by Salvatore Bonaccorso at 2026-01-08T22:27:24+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2026-22587 (Ideagen DevonWay contains a stored cross site scripting
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Ideagen DevonWay
CVE-2026-22522 (Missing Authorization vulnerability in Munir Kamal Block
Slider allows ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-22521 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
@@ -23,39 +23,39 @@ CVE-2026-22487 (Missing Authorization vulnerability in
baqend Speed Kit allows E
CVE-2026-22486 (Missing Authorization vulnerability in Hakob Re Gallery &
Responsive P ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-22257 (Salvo is a Rust web backend framework. Prior to version
0.88.1, the fu ...)
- TODO: check
+ NOT-FOR-US: Salvo
CVE-2026-22256 (Salvo is a Rust web backend framework. Prior to version
0.88.1, the fu ...)
- TODO: check
+ NOT-FOR-US: Salvo
CVE-2026-22255 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-22253 (Soft Serve is a self-hostable Git server for the command line.
Prior t ...)
- TODO: check
+ NOT-FOR-US: Soft Serve
CVE-2026-22246 (Mastodon is a free, open-source social network server based on
Activit ...)
- TODO: check
+ - mastodon <itp> (bug #859741)
CVE-2026-22245 (Mastodon is a free, open-source social network server based on
Activit ...)
- TODO: check
+ - mastodon <itp> (bug #859741)
CVE-2026-22244 (OpenMetadata is a unified metadata platform. Versions prior to
1.11.4 ...)
- TODO: check
+ NOT-FOR-US: OpenMetadata
CVE-2026-22242 (CoreShop is a Pimcore enhanced eCommerce solution. Prior to
version 4. ...)
- TODO: check
+ NOT-FOR-US: CoreShop
CVE-2026-22241 (The Open eClass platform (formerly known as GUnet eClass) is a
complet ...)
- TODO: check
+ NOT-FOR-US: Open eClass platform
CVE-2026-22235 (OPEXUS eComplaint before version 9.0.45.0 allows an attacker
to visit ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eComplaint
CVE-2026-22234 (OPEXUS eCasePortal before version 9.0.45.0 allows an
unauthenticated a ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eCasePortal
CVE-2026-22233 (OPEXUS eCASE Audit allows an authenticated attacker to save
JavaScript ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eCASE Audit
CVE-2026-22232 (OPEXUS eCASE Audit allows an authenticated attacker to save
JavaScript ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eCASE Audit
CVE-2026-22231 (OPEXUS eCASE Audit allows an authenticated attacker to save
JavaScript ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eCASE Audit
CVE-2026-22230 (OPEXUS eCASE Audit allows an authenticated attacker to modify
client-s ...)
- TODO: check
+ NOT-FOR-US: OPEXUS eCASE Audit
CVE-2026-22043 (RustFS is a distributed object storage system built in Rust.
In versio ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2026-22042 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2026-22041 (Logging Redactor is a Python library designed to redact
sensitive data ...)
TODO: check
CVE-2026-22034 (Snuffleupagus is a module that raises the cost of attacks
against webs ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dd6454aada69eb079e37acb28fa4d2a4ac6e399
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dd6454aada69eb079e37acb28fa4d2a4ac6e399
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
