Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
86e82ec0 by Salvatore Bonaccorso at 2026-06-30T23:37:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32,7 +32,7 @@ CVE-2026-58374 (In hostapd before 2.12, a missing bounds
check in AP-mode Wi-Fi
- wpa <unfixed>
NOTE: https://w1.fi/security/2026-1/missing-ml-parsing-validation.txt
CVE-2026-58373 (CVAT before 2.69.0 contains an improper authorization
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Computer Vision Annotation Tool (CVAT)
CVE-2026-58372 (SeaweedFS before 4.34 contains a path traversal vulnerability
in the S ...)
TODO: check
CVE-2026-58371 (SeaweedFS before 4.30 reflects the callback query parameter
verbatim i ...)
@@ -42,9 +42,9 @@ CVE-2026-58370 (Woodpecker before 3.15.0 matches the
ApprovalAllowedUsers bypass
CVE-2026-58369 (Woodpecker before 3.15.0 registers the
/api/orgs/lookup/*org_full_name ...)
TODO: check
CVE-2026-58176 (RuoYi-Vue-Plus through 5.6.2, fixed in commit 88d03d9, exposes
workflo ...)
- TODO: check
+ NOT-FOR-US: RuoYi-Vue-Plus
CVE-2026-58174 (Hermes WebUI before 0.51.521 validates the workspace of an
imported se ...)
- TODO: check
+ NOT-FOR-US: Hermes WebUI
CVE-2026-58173 (Vibe-Trading before 0.1.10 contains a path traversal
vulnerability tha ...)
TODO: check
CVE-2026-58172 (Ocelot through 24.1.0, fixed in commit f156fd4, contains a
security co ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e82ec02b2bb1342efa0046ea20ae1bc05f5f33
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e82ec02b2bb1342efa0046ea20ae1bc05f5f33
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits