[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 28 Jan 2026 00:49:46 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c34825e by Salvatore Bonaccorso at 2026-01-28T09:49:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-24910 (In Bun before 1.3.5, the default trusted dependencies list 
(aka trust  ...)
        - bun <itp> (bug #1014479)
 CVE-2026-24909 (vlt before 1.0.0-rc.10 mishandles path sanitization for tar, 
leading t ...)
-       TODO: check
+       NOT-FOR-US: vlt
 CVE-2026-24867
        REJECTED
 CVE-2026-24866
@@ -21,25 +21,25 @@ CVE-2026-24860
 CVE-2026-24859
        REJECTED
 CVE-2026-24852 (iccDEV provides a set of libraries and tools that allow for 
the intera ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24850 (The ML-DSA crate is a Rust implementation of the 
Module-Lattice-Based  ...)
        TODO: check
 CVE-2026-24842 (node-tar,a Tar for Node.js, contains a vulnerability in 
versions prior ...)
        TODO: check
 CVE-2026-24841 (Dokploy is a free, self-hostable Platform as a Service (PaaS). 
In vers ...)
-       TODO: check
+       NOT-FOR-US: Dokploy
 CVE-2026-24840 (Dokploy is a free, self-hostable Platform as a Service (PaaS). 
In vers ...)
-       TODO: check
+       NOT-FOR-US: Dokploy
 CVE-2026-24839 (Dokploy is a free, self-hostable Platform as a Service (PaaS). 
In vers ...)
-       TODO: check
+       NOT-FOR-US: Dokploy
 CVE-2026-24838 (DNN (formerly DotNetNuke) is an open-source web content 
management pla ...)
-       TODO: check
+       NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2026-24837 (DNN (formerly DotNetNuke) is an open-source web content 
management pla ...)
-       TODO: check
+       NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2026-24836 (DNN (formerly DotNetNuke) is an open-source web content 
management pla ...)
-       TODO: check
+       NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2026-24833 (DNN (formerly DotNetNuke) is an open-source web content 
management pla ...)
-       TODO: check
+       NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2026-24785 (Clatter is a no_std compatible, pure Rust implementation of 
the Noise  ...)
        TODO: check
 CVE-2026-24784 (DNN (formerly DotNetNuke) is an open-source web content 
management pla ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c34825e351c9670ef776d6f2747e901572ef90b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c34825e351c9670ef776d6f2747e901572ef90b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to