Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8fb9bf53 by Salvatore Bonaccorso at 2026-07-02T11:21:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,9 +59,9 @@ CVE-2026-55688 (The AsyncHttpClient (AHC) library allows Java 
applications to ea
        NOTE: Fixed by: 
https://github.com/AsyncHttpClient/async-http-client/commit/e6955c1e3951cf80e286981d064f6c926ce33f47
 (async-http-client-project-3.0.11)
        NOTE: Fixed by: 
https://github.com/AsyncHttpClient/async-http-client/commit/8e4069cf3c92abe099db5fb13378ac2fe9e1fd3b
 (async-http-client-project-2.16.0)
 CVE-2026-55661 (Tina is a headless content management system. In versions 
prior to @ti ...)
-       TODO: check
+       NOT-FOR-US: Tina CMS
 CVE-2026-55660 (Tina is a headless content management system. In versions 
prior to @ti ...)
-       TODO: check
+       NOT-FOR-US: Tina CMS
 CVE-2026-55153 (mchange-commons-java is a Java library of shared utility 
classes used  ...)
        TODO: check
 CVE-2026-54908 (Pion DTLS is a Go implementation of Datagram Transport Layer 
Security. ...)
@@ -380,7 +380,7 @@ CVE-2026-56152 (Incorrect Authorization (CWE-863) in 
Elastic Defend can lead to
 CVE-2026-56151 (Improper Input Validation (CWE-20) in Kibana can lead to a 
denial of s ...)
        - kibana <itp> (bug #700337)
 CVE-2026-56150 (Allocation of Resources Without Limits or Throttling (CWE-770) 
in Flee ...)
-       TODO: check
+       NOT-FOR-US: Fleet Server
 CVE-2026-56149 (Allocation of Resources Without Limits or Throttling (CWE-770) 
in Elas ...)
        TODO: check
 CVE-2026-56148 (Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to 
a denial ...)
@@ -957,7 +957,7 @@ CVE-2026-56224 (Capgo console.capgo.app/login before 
12.128.2 accepts access_tok
 CVE-2026-56219 (Capgo before 12.128.2 contains a NULL-auth bypass 
vulnerability in the ...)
        NOT-FOR-US: Cap-go
 CVE-2026-55721 (Storage Concentrator (SC & SCVM) is vulnerable to SQL 
injection throug ...)
-       TODO: check
+       NOT-FOR-US: Storage Concentrator (SC & SCVM)
 CVE-2026-55223 (c3p0 is a JDBC Connection pooling library. In versions prior 
to 0.14.0 ...)
        TODO: check
 CVE-2026-54903 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fb9bf532e1b5aa488ed8d028e3218803d994d95

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fb9bf532e1b5aa488ed8d028e3218803d994d95
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to