Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b56ab787 by Salvatore Bonaccorso at 2026-01-27T09:41:38+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-24686 (go-tuf is a Go implementation of The Update
Framework (TUF). go-
NOTE:
https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-jqc5-w2xx-5vq4
NOTE:
https://github.com/theupdateframework/go-tuf/commit/d361e2ea24e427581343dee5c7a32b485d79fcc0
(v2.4.1)
CVE-2026-24490 (MobSF is a mobile application security testing tool used.
Prior to ver ...)
- TODO: check
+ NOT-FOR-US: Mobile Security Framework (MobSF)
CVE-2026-24489 (Gakido is a Python HTTP client focused on browser
impersonation and an ...)
TODO: check
CVE-2026-24486 (Python-Multipart is a streaming multipart parser for Python.
Prior to ...)
@@ -17,15 +17,15 @@ CVE-2026-24486 (Python-Multipart is a streaming multipart
parser for Python. Pri
CVE-2026-24480 (QGIS is a free, open source, cross platform geographical
information s ...)
TODO: check
CVE-2026-24479 (HUSTOF is an open source online judge based on
PHP/C++/MySQL/Linux for ...)
- TODO: check
+ NOT-FOR-US: HUSTOF
CVE-2026-24478 (AnythingLLM is an application that turns pieces of content
into contex ...)
- TODO: check
+ NOT-FOR-US: AnythingLLM
CVE-2026-24477 (AnythingLLM is an application that turns pieces of content
into contex ...)
- TODO: check
+ NOT-FOR-US: AnythingLLM
CVE-2026-24476 (Shaarli is a personal bookmarking service. Prior to version
0.16.0, cr ...)
TODO: check
CVE-2026-24470 (Skipper is an HTTP router and reverse proxy for service
composition. P ...)
- TODO: check
+ NOT-FOR-US: Zalando Skipper
CVE-2026-24408 (sigstore-python is a Python tool for generating and verifying
Sigstore ...)
TODO: check
CVE-2026-24400 (AssertJ provides Fluent testing assertions for Java and the
Java Virtu ...)
@@ -33,11 +33,11 @@ CVE-2026-24400 (AssertJ provides Fluent testing assertions
for Java and the Java
CVE-2026-24131 (pnpm is a package manager. Prior to version 10.28.2, when pnpm
process ...)
TODO: check
CVE-2026-24123 (BentoML is a Python library for building online serving
systems optimi ...)
- TODO: check
+ NOT-FOR-US: BentoML
CVE-2026-24056 (pnpm is a package manager. Prior to version 10.28.2, when pnpm
install ...)
TODO: check
CVE-2026-24003 (EVerest is an EV charging software stack. In versions up to
and includ ...)
- TODO: check
+ NOT-FOR-US: EVerest
CVE-2026-23890 (pnpm is a package manager. Prior to version 10.28.1, a path
traversal ...)
TODO: check
CVE-2026-23889 (pnpm is a package manager. Prior to version 10.28.1, a path
traversal ...)
@@ -53,13 +53,13 @@ CVE-2026-22696 (dcap-qvl implements the quote verification
logic for DCAP (Data
CVE-2026-21408 (beat-access for Windows version 3.0.3 and prior contains an
issue with ...)
TODO: check
CVE-2026-1449 (A flaw has been found in Hisense TransTech Smart Bus Management
System ...)
- TODO: check
+ NOT-FOR-US: Hisense TransTech Smart Bus Management System
CVE-2026-1448 (A vulnerability was detected in D-Link DIR-615 up to 4.10. This
impact ...)
NOT-FOR-US: D-Link
CVE-2026-1445 (A vulnerability was found in iJason-Liu Books_Manager up to
298ba73638 ...)
- TODO: check
+ NOT-FOR-US: iJason-Liu Books_Manager
CVE-2026-1444 (A vulnerability has been found in iJason-Liu Books_Manager up
to 298ba ...)
- TODO: check
+ NOT-FOR-US: iJason-Liu Books_Manager
CVE-2026-1443 (A flaw has been found in code-projects Online Music Site 1.0.
Affected ...)
NOT-FOR-US: code-projects
CVE-2026-1361 (ASDA-Soft Stack-based Buffer Overflow Vulnerability)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56ab7872499c467b661488491d6970c84ed4609
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56ab7872499c467b661488491d6970c84ed4609
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
