Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
45a7eea8 by Salvatore Bonaccorso at 2026-04-02T22:34:27+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -92,15 +92,15 @@ CVE-2026-35385 (In OpenSSH before 10.3, a file downloaded
by scp may be installe
- openssh <unfixed>
NOTE: ttps://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35168 (OpenSTAManager is an open source management software for
technical ass ...)
- TODO: check
+ NOT-FOR-US: OpenSTAManager
CVE-2026-35038 (Signal K Server is a server application that runs on a central
hub in ...)
- TODO: check
+ NOT-FOR-US: Signal K Server
CVE-2026-35002 (Agno versions prior to 2.3.24 contain an arbitrary code
execution vuln ...)
- TODO: check
+ NOT-FOR-US: Agno
CVE-2026-34974 (phpMyFAQ is an open source FAQ web application. Prior to
version 4.1.1 ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2026-34973 (phpMyFAQ is an open source FAQ web application. Prior to
version 4.1.1 ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2026-34890 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-34877 (An issue was discovered in Mbed TLS versions from 2.19.0 up to
3.6.5, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45a7eea839aec39cd5bb7b01bc34936712321db6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45a7eea839aec39cd5bb7b01bc34936712321db6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
