Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ed4a7ad5 by security tracker role at 2026-01-10T08:13:41+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -71,7 +71,7 @@ CVE-2026-22594 (Ghost is a Node.js content management system.
In versions 5.105.
CVE-2026-22589 (Spree is an open source e-commerce solution built with Ruby on
Rails. ...)
TODO: check
CVE-2026-22584 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2026-22030 (React Router is a router for React. In
@remix-run/server-runtime versi ...)
TODO: check
CVE-2026-22029 (React Router is a router for React. In @remix-run/router
version prior ...)
@@ -97,15 +97,15 @@ CVE-2026-21897 (CryptoLib provides a software-only solution
using the CCSDS Spac
CVE-2026-21884 (React Router is a router for React. In @remix-run/react
version prior ...)
TODO: check
CVE-2026-0830 (Processing specially crafted workspace folder names could allow
for ar ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-68470 (React Router is a router for React. In versions 6.0.0 through
6.30.1 a ...)
TODO: check
CVE-2025-65091 (XWiki Full Calendar Macro displays objects from the wiki on
the calend ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-65090 (XWiki Full Calendar Macro displays objects from the wiki on
the calend ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-62487 (### Details On October 1, 2025, Palantir discovered that
images upload ...)
- TODO: check
+ NOT-FOR-US: Palantir
CVE-2025-61686 (React Router is a router for React. In @react-router/node
versions 7.0 ...)
TODO: check
CVE-2025-61676 (October is a Content Management System (CMS) and web platform.
Prior t ...)
@@ -119,13 +119,13 @@ CVE-2025-59057 (React Router is a router for React. In
@remix-run/react versions
CVE-2025-51626 (SQL injection vulnerability in pss.sale.com 1.0 via the id
parameter t ...)
TODO: check
CVE-2025-46299 (A memory initialization issue was addressed with improved
memory handl ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46298 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46297 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46286 (A logic issue was addressed with improved validation. This
issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-15502 (A vulnerability was identified in Sangfor Operation and
Maintenance Ma ...)
TODO: check
CVE-2025-15501 (A vulnerability was determined in Sangfor Operation and
Maintenance Ma ...)
@@ -135,11 +135,11 @@ CVE-2025-15500 (A vulnerability was found in Sangfor
Operation and Maintenance M
CVE-2025-15499 (A vulnerability has been found in Sangfor Operation and
Maintenance Ma ...)
TODO: check
CVE-2025-14948 (The miniOrange OTP Verification and SMS Notification for
WooCommerce p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14943 (The Blog2Social: Social Media Auto Post & Scheduler plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13457 (The WooCommerce Square plugin for WordPress is vulnerable to
Insecure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-22198 (GestSup versions up to and including 3.2.56 contain a
pre-authenticati ...)
NOT-FOR-US: GestSup
CVE-2026-22197 (GestSup versions up to and including 3.2.56 contain multiple
SQL injec ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed4a7ad546c3378d9dcb7a078e7c1a3f3b1ed0bc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed4a7ad546c3378d9dcb7a078e7c1a3f3b1ed0bc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
