Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
97ed6254 by Salvatore Bonaccorso at 2026-07-01T06:35:32+02:00
auto-nfu: Add rule for NetScaler CNA

The CNA will assign only CVEs for NetScaler issues.

- - - - -
cbb189d0 by Salvatore Bonaccorso at 2026-07-01T06:37:41+02:00
Process some NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2026-9263 (The Zephyr Bluetooth controller ISO Adaptation 
Layer (subsys/blue
 CVE-2026-8864 (The HP Fan Control App might allow local escalation of 
privileges. An  ...)
        NOT-FOR-US: HP
 CVE-2026-8655 (Multiple Memory overflow vulnerabilities inNetScaler ADC and 
NetScaler ...)
-       TODO: check
+       NOT-FOR-US: NetScaler
 CVE-2026-8452 (Memory overflow vulnerabilityNetScaler ADC and NetScaler 
Gatewayleadin ...)
        NOT-FOR-US: Citrix
 CVE-2026-8451 (Insufficient input validation inNetScaler ADC and NetScaler 
Gatewaylea ...)
@@ -208,7 +208,7 @@ CVE-2026-14162 (Hospital Queuing Management developed by 
Advantech has a Sensiti
 CVE-2026-14161 (Hospital Quening Management developed by Advantech has a 
Sensitive Dat ...)
        NOT-FOR-US: Advantech
 CVE-2026-13474 (Denial of service via malformed HTTP/2 requests inNetScaler 
ADC and Ne ...)
-       TODO: check
+       NOT-FOR-US: NetScaler
 CVE-2026-13455 (PostgreSQL Anonymizer contains a vulnerability that allows 
unprivilege ...)
        TODO: check
 CVE-2026-13316 (A flaw has been found in foreman when HTTP parameters are 
modified in  ...)
@@ -224,9 +224,9 @@ CVE-2026-12388 (A flaw was found in the Identity Provider 
(IdP) mapper component
 CVE-2026-12076 (Raytha CMS is vulnerable to SQL Injection within the OData 
filter pars ...)
        TODO: check
 CVE-2026-10817 (Insufficient input validation leading to memory overread 
inNetScaler A ...)
-       TODO: check
+       NOT-FOR-US: NetScaler
 CVE-2026-10816 (Arbitrary File Read (Unauthenticated) inNetScaler ADC and 
NetScaler Ga ...)
-       TODO: check
+       NOT-FOR-US: NetScaler
 CVE-2026-10763 (PROMOD V is using insecure HTTP communication instead of 
HTTPS. The vu ...)
        NOT-FOR-US: Hitachi Energy
 CVE-2026-10655 (The asynchronous SNTP client in Zephyr 
(subsys/net/lib/sntp/sntp.c, sn ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -179,6 +179,8 @@
   cna: NI
 - reason: NetApp
   cna: netapp
+- reason: NetScaler
+  cna: NetScaler
 - reason: Netskope
   cna: Netskope
 - reason: Nokia



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2dae080dc79c5594b9117f3287d57ad62a652c95...cbb189d04ed393c4f50532b2182797f90a3ce0f4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2dae080dc79c5594b9117f3287d57ad62a652c95...cbb189d04ed393c4f50532b2182797f90a3ce0f4
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to