Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd4524be by Moritz Muehlenhoff at 2026-06-02T10:14:30+02:00
auto-nfu: Extend vmware rule
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -571,9 +571,9 @@ CVE-2026-42251 (Use of hard-coded credentials in KS-SOMED
allowed an unauthorize
CVE-2026-41013 (Input validation bypass in SMB volume mount handling in
CloudFoundry F ...)
NOT-FOR-US: CloudFoundry
CVE-2026-40990 (OOM error is possible while attempting to add infinite amount
of funct ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-40989 (Under infinite recursion in the routing layer,
request-handling can ca ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-40549 (SOPlanning is vulnerable to Cross\u2011Site Request Forgery
(CSRF) in ...)
NOT-FOR-US: SOPlanning
CVE-2026-40548 (SOPlanning does not verify uploaded file extension. An
authenticated a ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -672,6 +672,7 @@
- product: Cloud Foundry
- product: Spring AI
- product: Spring Boot
+ - product: Spring Cloud Function
- product: Spring Cloud Gateway
- product: Spring Cloud Gateway Server Webflux
- product: VMware Cloud Foundation
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd4524be294e29be35e0b320cc63664304090eee
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd4524be294e29be35e0b320cc63664304090eee
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
