Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a11f7364 by Salvatore Bonaccorso at 2026-06-30T10:19:49+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,17 +7,17 @@ CVE-2026-8023 (Zephyr's HTTP server (subsys/net/lib/http)
provides a static-file
CVE-2026-7656 (The IPv6 Neighbor Discovery handlers in
subsys/net/ip/ipv6_nbr.c (hand ...)
NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-57997 (Strapi users-permissions plugin fails to restrict JWT
algorithms when ...)
- TODO: check
+ NOT-FOR-US: Strapi users-permissions plugin
CVE-2026-57919 (PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before
26.2 cr ...)
- TODO: check
+ NOT-FOR-US: Matrix42 Empirum
CVE-2026-57498 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-56809 (Multiple laser printers and MFPs (multifunction printers)
which implem ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2026-56808 (DGM3103SCT provided by AVTECH Security Corporation contains an
OS comm ...)
- TODO: check
+ NOT-FOR-US: AVTECH
CVE-2026-56137 (RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc.
contain an OS ...)
- TODO: check
+ NOT-FOR-US: Gotcha Gotcha Games Inc.
CVE-2026-55957 (Missing Critical Step in Authentication vulnerability in
Apache Tomcat ...)
- tomcat11 11.0.5-1
[trixie] - tomcat11 11.0.15-1~deb13u1
@@ -30,19 +30,19 @@ CVE-2026-55957 (Missing Critical Step in Authentication
vulnerability in Apache
NOTE:
https://github.com/apache/tomcat/commit/0cd21c0393b8811af22daddbba7b4e7328e2d79e
(10.1.37)
NOTE:
https://github.com/apache/tomcat/commit/c32bbd37ea9ee0aaab848af4ee1c9a76e84240ea
(9.0.101)
CVE-2026-54889 (Improper Neutralization of Input During Web Page Generation
(XSS) vuln ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-54888 (Uncontrolled Recursion vulnerability in leandrocp mdex allows
denial o ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-53429 (Missing Release of Memory after Effective Lifetime
vulnerability in le ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-53426 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-51221 (A buffer overflow in the Get_Attribute_List function of
EIPStackGroup ...)
- TODO: check
+ NOT-FOR-US: EIPStackGroup OpENer
CVE-2026-51219 (A heap buffer overflow in the
HighPriorityASDUQueue_hasUnconfirmedIMes ...)
- TODO: check
+ NOT-FOR-US: lib60870
CVE-2026-51218 (A heap buffer overflow in the
TS7Worker::PerformFunctionWrite() functi ...)
- TODO: check
+ NOT-FOR-US: snap7
CVE-2026-43746 (A use-after-free issue was addressed with improved memory
management. ...)
NOT-FOR-US: Apple
CVE-2026-43745 (An out-of-bounds write issue was addressed with improved input
validat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11f736495f46fda8bee6ac2f390a78681cb4a85
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11f736495f46fda8bee6ac2f390a78681cb4a85
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits