[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 10 Jan 2026 22:25:31 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
991dcf19 by Salvatore Bonaccorso at 2026-01-11T07:24:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-0831 (The Templately plugin for WordPress is vulnerable to Arbitrary 
File Wr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-0824 (A security flaw has been discovered in questdb ui up to 1.11.9. 
Impact ...)
-       TODO: check
+       NOT-FOR-US: questdb ui
 CVE-2026-0822 (A vulnerability was identified in quickjs-ng quickjs up to 
0.11.0. Thi ...)
        TODO: check
 CVE-2026-0821 (A vulnerability was determined in quickjs-ng quickjs up to 
0.11.0. Thi ...)
@@ -15,9 +15,9 @@ CVE-2025-53470 (Out-of-bounds Read vulnerability in Apache  
NimBLE HCI H4 driver
 CVE-2025-52435 (J2EE Misconfiguration: Data Transmission Without Encryption 
vulnerabil ...)
        TODO: check
 CVE-2025-15504 (A security flaw has been discovered in lief-project LIEF up to 
0.17.1. ...)
-       TODO: check
+       NOT-FOR-US: LIEF
 CVE-2025-15503 (A security flaw has been discovered in Sangfor Operation and 
Maintenan ...)
-       TODO: check
+       NOT-FOR-US: Sangfor Operation and Maintenance Management System
 CVE-2025-14976 (The User Registration & Membership \u2013 Custom Registration 
Form Bui ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-14555 (The Countdown Timer \u2013 Widget Countdown plugin for 
WordPress is vu ...)
@@ -52,11 +52,11 @@ CVE-2026-22701 (filelock is a platform-independent file 
lock for Python. Prior t
        NOTE: 
https://github.com/tox-dev/filelock/security/advisories/GHSA-qmgc-5h2g-mvrw
        NOTE: Fixed by: 
https://github.com/tox-dev/filelock/commit/41b42dd2c72aecf7da83dbda5903b8087dddc4d5
 (3.20.3)
 CVE-2026-22700 (RustCrypto: Elliptic Curves is general purpose Elliptic Curve 
Cryptogr ...)
-       TODO: check
+       NOT-FOR-US: RustCrypto Elliptic Curves Rust crate
 CVE-2026-22699 (RustCrypto: Elliptic Curves is general purpose Elliptic Curve 
Cryptogr ...)
-       TODO: check
+       NOT-FOR-US: RustCrypto Elliptic Curves Rust crate
 CVE-2026-22698 (RustCrypto: Elliptic Curves is general purpose Elliptic Curve 
Cryptogr ...)
-       TODO: check
+       NOT-FOR-US: RustCrypto Elliptic Curves Rust crate
 CVE-2026-22697 (CryptoLib provides a software-only solution using the CCSDS 
Space Data ...)
        NOT-FOR-US: NASA CryptoLib
 CVE-2026-22693 (HarfBuzz is a text shaping engine. Prior to version 12.3.0, a 
null poi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/991dcf194c79d374b92c27ddaadef38d466f4b2e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/991dcf194c79d374b92c27ddaadef38d466f4b2e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to