Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fafbd60b by Salvatore Bonaccorso at 2026-07-06T21:34:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2026-9182 (ArcGIS Server contains an unrestricted file 
upload vulnerability.
 CVE-2026-9181 (ArcGIS Server contains a directory traversal vulnerability.  An 
unauth ...)
        NOT-FOR-US: Esri
 CVE-2026-9165 (A flaw was found in Red Hat Advanced Cluster Security for 
Kubernetes ( ...)
-       TODO: check
+       NOT-FOR-US: Red Hat Advanced Cluster Security for Kubernetes (RHACS)
 CVE-2026-7185 (A validation vulnerability has been identified in certain web 
features ...)
-       TODO: check
+       NOT-FOR-US: T-Systems
 CVE-2026-6901 (Untrusted Search Path vulnerability in B&R Industrial 
Automation GmbH  ...)
        NOT-FOR-US: ABB group
 CVE-2026-6900 (Improper certificate validation vulnerability in B&R Industrial 
Automa ...)
@@ -21,19 +21,19 @@ CVE-2026-59195 (pnpm is a package manager. Prior to 10.34.4 
and 11.8.0, pnpm acc
 CVE-2026-59194 (pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a 
crafted patc ...)
        - pnpm <itp> (bug #985669)
 CVE-2026-59152 (LangSmith Client SDKs provide SDK's for interacting with the 
LangSmith ...)
-       TODO: check
+       NOT-FOR-US: LangSmith Client SDK
 CVE-2026-58380 (A flaw was found in GIMP's PNM file format parser. When 
parsing a spec ...)
        - gimp 3.2.4-1
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/work_items/16206
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/8369981756fc2742226b79296fd1886156001d94
 (GIMP_3_2_4)
 CVE-2026-58226 (Inefficient Algorithmic Complexity vulnerability in 
elixir-mint hpax a ...)
-       TODO: check
+       NOT-FOR-US: elixir-mint Mint
 CVE-2026-58203 (pydantic-settings provides settings management using Pydantic. 
From 2. ...)
        - pydantic-settings 2.14.2-1
        [trixie] - pydantic-settings <not-affected> (Vulnerable code not 
present)
        NOTE: 
https://github.com/pydantic/pydantic-settings/security/advisories/GHSA-4xgf-cpjx-pc3j
 CVE-2026-56810 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: elixir-mint Mint
 CVE-2026-56140 (Improper Input Validation vulnerability in Apache Camel AWS 
SNS compon ...)
        TODO: check
 CVE-2026-56139 (Generation of Error Message Containing Sensitive Information 
vulnerabi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafbd60b0da34059427abee50be644bc43fbf07f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafbd60b0da34059427abee50be644bc43fbf07f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to