[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 11 Mar 2026 02:08:26 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c7cff454 by Salvatore Bonaccorso at 2026-03-11T10:07:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,9 +19,9 @@ CVE-2026-3222 (The WP Maps plugin for WordPress is vulnerable 
to time-based blin
 CVE-2026-31844 (An authenticated SQL Injection vulnerability (CWE-89) exists 
in the Ko ...)
        - koha <itp> (bug #702134)
 CVE-2026-31838 (Istio is an open platform to connect, manage, and secure 
microservices ...)
-       TODO: check
+       NOT-FOR-US: Istio
 CVE-2026-31837 (Istio is an open platform to connect, manage, and secure 
microservices ...)
-       TODO: check
+       NOT-FOR-US: Istio
 CVE-2026-31834 (Umbraco is an ASP.NET CMS. From 15.3.1 to before 16.5.1 and 
17.2.2, A  ...)
        NOT-FOR-US: Umbraco CMS
 CVE-2026-31833 (Umbraco is an ASP.NET CMS. From 16.2.0 to before 16.5.1 and 
17.2.2, An ...)
@@ -29,13 +29,13 @@ CVE-2026-31833 (Umbraco is an ASP.NET CMS. From 16.2.0 to 
before 16.5.1 and 17.2
 CVE-2026-31832 (Umbraco is an ASP.NET CMS. From 14.0.0 to before 16.5.1 and 
17.2.2, A  ...)
        NOT-FOR-US: Umbraco CMS
 CVE-2026-31830 (sigstore-ruby is a pure Ruby implementation of the sigstore 
verify com ...)
-       TODO: check
+       NOT-FOR-US: sigstore-ruby (Ruby implementation of sigstore)
 CVE-2026-31829 (Flowise is a drag & drop user interface to build a customized 
large la ...)
        NOT-FOR-US: Flowise
 CVE-2026-31828 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-31827 (Alienbin is an anonymous code and text sharing web service. In 
1.0.0 a ...)
-       TODO: check
+       NOT-FOR-US: Alienbin
 CVE-2026-31826 (pypdf is a free and open-source pure-python PDF library. Prior 
to 6.8. ...)
        TODO: check
 CVE-2026-31825 (Sylius is an Open Source eCommerce Framework on Symfony. 
Sylius API fi ...)
@@ -53,7 +53,7 @@ CVE-2026-31820 (Sylius is an Open Source eCommerce Framework 
on Symfony. An auth
 CVE-2026-31819 (Sylius is an Open Source eCommerce Framework on Symfony. 
CurrencySwitc ...)
        NOT-FOR-US: Sylius
 CVE-2026-31817 (OliveTin gives access to predefined shell commands from a web 
interfac ...)
-       TODO: check
+       NOT-FOR-US: OliveTin
 CVE-2026-31815 (Unicorn adds modern reactive component functionality to your 
Django te ...)
        TODO: check
 CVE-2026-31812 (Quinn is a pure-Rust, async-compatible implementation of the 
IETF QUIC ...)
@@ -95,7 +95,7 @@ CVE-2026-30947 (Parse Server is an open source backend that 
can be deployed to a
 CVE-2026-30946 (Parse Server is an open source backend that can be deployed to 
any inf ...)
        NOT-FOR-US: Parse Server
 CVE-2026-30837 (Elysia is a Typescript framework for request validation, type 
inferenc ...)
-       TODO: check
+       NOT-FOR-US: Elysia
 CVE-2026-2918 (The Happy Addons for Elementor plugin for WordPress is 
vulnerable to I ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-2917 (The Happy Addons for Elementor plugin for WordPress is 
vulnerable to I ...)
@@ -117,11 +117,11 @@ CVE-2026-2358 (The WP ULike plugin for WordPress is 
vulnerable to Stored Cross-S
 CVE-2026-2324 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-29793 (Feathersjs is a framework for creating web APIs and real-time 
applicat ...)
-       TODO: check
+       NOT-FOR-US: Feathersjs
 CVE-2026-29792 (Feathersjs is a framework for creating web APIs and real-time 
applicat ...)
-       TODO: check
+       NOT-FOR-US: Feathersjs
 CVE-2026-29515 (MiCode FileExplorer contains an authentication bypass 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: MiCode FileExplorer
 CVE-2026-28807 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2026-28806 (Improper Authorization vulnerability in nerves-hub 
nerves_hub_web allo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7cff45484efd187c95bc2a0491899cfb4dd9dc4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7cff45484efd187c95bc2a0491899cfb4dd9dc4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to