Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
235c8395 by Moritz Muehlenhoff at 2026-06-24T20:40:29+02:00
NFus

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -848,15 +848,15 @@ CVE-2026-12958 (Missing symlink validation in Language 
Servers for AWS may allow
 CVE-2026-12957 (Improper trust boundary enforcement in Language Servers for 
AWS before ...)
        NOT-FOR-US: Amazon
 CVE-2026-11772 (DRIMO CMS is vulnerable to Reflected XSS via q parameter in 
searching  ...)
-       TODO: check
+       NOT-FOR-US: DRIMO CMS
 CVE-2026-11374 (In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 
Manager ...)
        NOT-FOR-US: Zoho
 CVE-2026-10857 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: AKIN e-commerce
 CVE-2026-10711 (Missing authentication for critical function vulnerability in 
AKIN Sof ...)
-       TODO: check
+       NOT-FOR-US: AKIN CafePlus
 CVE-2026-10609 (A missing authorization flaw was found in the OpenShift 
Cluster Loggin ...)
-       TODO: check
+       NOT-FOR-US: OpenShift
 CVE-2026-10521 (An high privileged remote attacker can access a hidden 
configuration m ...)
        TODO: check
 CVE-2026-0864 (When using the "configparser" module to write configuration 
files cont ...)
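Review bot: the new NOT-FOR-US tags in this hunk name products ("DRIMO CMS", "AKIN e-commerce", "AKIN CafePlus"), while the unchanged neighbours name the vendor ("Amazon", "Zoho"). CVE-2026-10857 and CVE-2026-10711 end up with two different AKIN labels, which makes a later search by vendor less reliable. Consider one consistent label for both AKIN entries.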
@@ -864,17 +864,17 @@ CVE-2026-0864 (When using the "configparser" module to 
write configuration files
 CVE-2025-71382 (MuPDF before 1.27.0-rc1 contains an uncontrolled recursion 
vulnerabili ...)
        TODO: check
 CVE-2025-71376 (picklescan before 0.0.29 fails to detect malicious pickle 
files using  ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71370 (picklescan before 0.0.28 fails to detect malicious 
torch.jit.unsupport ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71365 (picklescan before 0.0.33 fails to detect malicious pickle 
files that i ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71341 (picklescan before 0.0.29 fails to detect the 
profile.Profile.runctx fu ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71337 (Flowise before 3.0.10 (affected versions 3.0.7 and earlier) 
contains a ...)
-       TODO: check
+       NOT-FOR-US: Flowise
 CVE-2025-62180 (Pega Platform versions 8.3.0 through Infinity 25.1.2 are 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Pega Platform
 CVE-2025-61029 (An issue in the sqlo_untry component of openlink 
virtuoso-opensource v ...)
        TODO: check
 CVE-2025-61028 (An issue in the time_t_to_dt component of openlink 
virtuoso-opensource ...)
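Review bot: the four picklescan entries (CVE-2025-71376, CVE-2025-71370, CVE-2025-71365, CVE-2025-71341) and the Flowise entry go straight from "TODO: check" to NOT-FOR-US with no record that an ITP/RFP was looked for. The last hunk of this commit uses "- traefik <itp> (bug #983289)" for exactly that case, so it is worth confirming that none of these projects has an open WNPP bug before closing them as NOT-FOR-US.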
@@ -898,13 +898,13 @@ CVE-2025-61019 (An issue in the sqlo_key_part_best 
component of openlink virtuos
 CVE-2025-61018 (An issue in the sqlo_place_dt_set component of openlink 
virtuoso-opens ...)
        TODO: check
 CVE-2025-55639 (GPAC MP4Box v2.4 was discovered to contain a NULL pointer 
dereference  ...)
-       TODO: check
+       - gpac <removed>
 CVE-2025-15619 (HCL Connections contains a broken access control vulnerability 
that ma ...)
        NOT-FOR-US: HCL
 CVE-2025-13162 (Uncontrolled Search Path Element vulnerability in ABB Control 
Builder  ...)
        NOT-FOR-US: ABB group
 CVE-2023-54365 (Traefik before 2.10.5 and 3.0.0-beta4 is affected by a 
denial-of-servi ...)
-       TODO: check
+       - traefik <itp> (bug #983289)
 CVE-2026-44517
        - golang-github-containers-buildah <unfixed> (bug #1140619)
        NOTE: 
https://github.com/podman-container-tools/buildah/security/advisories/GHSA-49p4-px3h-rq49
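Review bot: the commit message "NFus" does not cover the two package entries added in this hunk, "- gpac <removed>" for CVE-2025-55639 and "- traefik <itp> (bug #983289)" for CVE-2023-54365, which are package triage rather than NOT-FOR-US. Consider mentioning them in the message. The gpac line also carries no NOTE with an upstream reference, unlike the CVE-2026-44517 entry just below it, so adding one if an upstream issue or commit is known would help later triage.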



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/235c839530b7b8f494c5b8686d534f4133f503e8



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
