Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f911279b by Salvatore Bonaccorso at 2026-03-05T22:53:06+01:00
Process some CVEs associated with RustDesk products
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2026-3598 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in rust ...)
- TODO: check
+ NOT-FOR-US: RustDesk Server Pro (not same as src:rustdesk, itp'ed
#1038942)
CVE-2026-3459 (The Drag and Drop Multiple File Upload - Contact Form 7 plugin
for Wor ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3236 (In affected versions of Octopus Server it was possible to
create a new ...)
@@ -9,31 +9,31 @@ CVE-2026-3047 (A flaw was found in org.keycloak.broker.saml.
When a disabled Sec
CVE-2026-3009 (A security flaw in the IdentityBrokerService.performLogin
endpoint of ...)
TODO: check
CVE-2026-30798 (Insufficient Verification of Data Authenticity, Improper
Handling of E ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30797 (Missing Authorization vulnerability in rustdesk-client
RustDesk Client ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30796 (Cleartext Transmission of Sensitive Information vulnerability
in rustd ...)
- TODO: check
+ NOT-FOR-US: RustDesk Server Pro (not same as src:rustdesk, itp'ed
#1038942)
CVE-2026-30795 (Cleartext Transmission of Sensitive Information vulnerability
in rustd ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30794 (Improper Certificate Validation vulnerability in
rustdesk-client RustD ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30793 (Cross-Site Request Forgery (CSRF) vulnerability in
rustdesk-client Rus ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30792 (A vulnerability in rustdesk-client RustDesk Client
rustdesk-client on ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30791 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in rust ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30790 (Improper Restriction of Excessive Authentication Attempts, Use
of Pass ...)
- TODO: check
+ - rustdesk <itp> (bug #1038942)
CVE-2026-30789 (Authentication Bypass by Capture-replay, Use of Password Hash
With Ins ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30785 (Improperly Controlled Modification of Object Prototype
Attributes ('Pr ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-30784 (Missing Authorization, Missing Authentication for Critical
Function vu ...)
- TODO: check
+ - rustdesk <itp> (bug #1038942)
CVE-2026-30783 (A vulnerability in rustdesk-client RustDesk Client
rustdesk-client on ...)
- TODO: check
+ NOT-FOR-US: RustDesk Client
CVE-2026-2599 (The Database for Contact Form 7, WPforms, Elementor forms
plugin for W ...)
NOT-FOR-US: WordPress plugin
CVE-2026-29054 (Traefik is an HTTP reverse proxy and load balancer. From
version 2.11. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f911279b92fdd479e74000efdad8c1e8e0b2a837
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f911279b92fdd479e74000efdad8c1e8e0b2a837
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
