Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fafbd60b by Salvatore Bonaccorso at 2026-07-06T21:34:21+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2026-9182 (ArcGIS Server contains an unrestricted file
upload vulnerability.
CVE-2026-9181 (ArcGIS Server contains a directory traversal vulnerability. An
unauth ...)
NOT-FOR-US: Esri
CVE-2026-9165 (A flaw was found in Red Hat Advanced Cluster Security for
Kubernetes ( ...)
- TODO: check
+ NOT-FOR-US: Red Hat Advanced Cluster Security for Kubernetes (RHACS)
CVE-2026-7185 (A validation vulnerability has been identified in certain web
features ...)
- TODO: check
+ NOT-FOR-US: T-Systems
CVE-2026-6901 (Untrusted Search Path vulnerability in B&R Industrial
Automation GmbH ...)
NOT-FOR-US: ABB group
CVE-2026-6900 (Improper certificate validation vulnerability in B&R Industrial
Automa ...)
@@ -21,19 +21,19 @@ CVE-2026-59195 (pnpm is a package manager. Prior to 10.34.4
and 11.8.0, pnpm acc
CVE-2026-59194 (pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a
crafted patc ...)
- pnpm <itp> (bug #985669)
CVE-2026-59152 (LangSmith Client SDKs provide SDK's for interacting with the
LangSmith ...)
- TODO: check
+ NOT-FOR-US: LangSmith Client SDK
CVE-2026-58380 (A flaw was found in GIMP's PNM file format parser. When
parsing a spec ...)
- gimp 3.2.4-1
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/work_items/16206
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/8369981756fc2742226b79296fd1886156001d94
(GIMP_3_2_4)
CVE-2026-58226 (Inefficient Algorithmic Complexity vulnerability in
elixir-mint hpax a ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-58203 (pydantic-settings provides settings management using Pydantic.
From 2. ...)
- pydantic-settings 2.14.2-1
[trixie] - pydantic-settings <not-affected> (Vulnerable code not
present)
NOTE:
https://github.com/pydantic/pydantic-settings/security/advisories/GHSA-4xgf-cpjx-pc3j
CVE-2026-56810 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-56140 (Improper Input Validation vulnerability in Apache Camel AWS
SNS compon ...)
TODO: check
CVE-2026-56139 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafbd60b0da34059427abee50be644bc43fbf07f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafbd60b0da34059427abee50be644bc43fbf07f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits