Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f36e6228 by Salvatore Bonaccorso at 2026-01-22T21:50:54+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,11 +79,11 @@ CVE-2026-24034 (Horilla is a free and open source Human
Resource Management Syst
CVE-2026-24010 (Horilla is a free and open source Human Resource Management
System (HR ...)
NOT-FOR-US: Horilla
CVE-2026-24009 (Docling Core (or docling-core) is a library that defines core
data typ ...)
- TODO: check
+ NOT-FOR-US: Docling Core
CVE-2026-24006 (Seroval facilitates JS value stringification, including
complex struct ...)
- TODO: check
+ NOT-FOR-US: Seroval
CVE-2026-24002 (Grist is spreadsheet software using Python as its formula
language. Gr ...)
- TODO: check
+ NOT-FOR-US: Grist
CVE-2026-24001 (jsdiff is a JavaScript text differencing implementation. Prior
to vers ...)
TODO: check
CVE-2026-23996 (FastAPI Api Key provides a backend-agnostic library that
provides an A ...)
@@ -93,9 +93,9 @@ CVE-2026-23992 (go-tuf is a Go implementation of The Update
Framework (TUF). Sta
CVE-2026-23991 (go-tuf is a Go implementation of The Update Framework (TUF).
Starting ...)
TODO: check
CVE-2026-23990 (The Flux Operator is a Kubernetes CRD controller that manages
the life ...)
- TODO: check
+ NOT-FOR-US: Flux Operator
CVE-2026-23986 (Copier is a library and CLI app for rendering project
templates. Prior ...)
- TODO: check
+ NOT-FOR-US: Copier library and CLI app
CVE-2026-23978 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-23976 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -105,7 +105,7 @@ CVE-2026-23975 (Improper Control of Filename for
Include/Require Statement in PH
CVE-2026-23974 (Missing Authorization vulnerability in uxper Golo golo allows
Exploiti ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-23968 (Copier is a library and CLI app for rendering project
templates. Prior ...)
- TODO: check
+ NOT-FOR-US: Copier library and CLI app
CVE-2026-23967 (sm-crypto provides JavaScript implementations of the Chinese
cryptogra ...)
TODO: check
CVE-2026-23966 (sm-crypto provides JavaScript implementations of the Chinese
cryptogra ...)
@@ -121,19 +121,19 @@ CVE-2026-23962 (Mastodon is a free, open-source social
network server based on A
CVE-2026-23961 (Mastodon is a free, open-source social network server based on
Activit ...)
TODO: check
CVE-2026-23960 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo Workflows
CVE-2026-23959 (CoreShop is a Pimcore enhanced eCommerce solution. An
error-based SQL ...)
- TODO: check
+ NOT-FOR-US: CoreShop
CVE-2026-23958 (Dataease is an open source data visualization analysis tool.
Prior to ...)
NOT-FOR-US: DataEase
CVE-2026-23957 (seroval facilitates JS value stringification, including
complex struct ...)
- TODO: check
+ NOT-FOR-US: Seroval
CVE-2026-23956 (seroval facilitates JS value stringification, including
complex struct ...)
- TODO: check
+ NOT-FOR-US: Seroval
CVE-2026-23951 (SumatraPDF is a multi-format reader for Windows. All versions
contain ...)
- TODO: check
+ NOT-FOR-US: SumatraPDF
CVE-2026-23946 (Tendenci is an open source content management system built for
non-pro ...)
- TODO: check
+ NOT-FOR-US: Tendenci CMS
CVE-2026-23893 (openCryptoki is a PKCS#11 library and provides tooling for
Linux and A ...)
TODO: check
CVE-2026-23887 (Group-Office is an enterprise customer relationship management
and gro ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36e6228834d3a6cd6b148d96fb183d14f33c796
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36e6228834d3a6cd6b148d96fb183d14f33c796
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
