[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend rule for Eclipse

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Feb 9 15:50:32 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ecbaed4 by Moritz Muehlenhoff at 2026-02-09T16:50:07+01:00
auto-nfu: Extend rule for Eclipse

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -4416,7 +4416,7 @@ CVE-2026-0746 (The AI Engine plugin for WordPress is vulnerable to Server-Side R
 CVE-2026-0705 (Local privilege escalation due to insecure folder permissions. The fol ...)
 	NOT-FOR-US: Acronis
 CVE-2026-0648 (The vulnerability stems from an incorrect error-checking logic in the  ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-69565 (code-projects Mobile Shop Management System 1.0 is vulnerable to File  ...)
 	NOT-FOR-US: code-projects
 CVE-2025-69564 (code-projects Mobile Shop Management System 1.0 is vulnerable to SQL I ...)
@@ -4436,9 +4436,9 @@ CVE-2025-68670 (xrdp is an open source RDP server. xrdp before v0.10.5 contains
 CVE-2025-65264 (The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate u ...)
 	NOT-FOR-US: CPUID CPU-Z
 CVE-2025-55102 (A denial-of-service vulnerability exists in the NetX IPv6 component fu ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-55095 (The function _ux_host_class_storage_media_mount()is responsible for mo ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-41728 (A low privileged remote attacker may be able to disclose confidential  ...)
 	NOT-FOR-US: Beckhoff Automation
 CVE-2025-41727 (A local low privileged attacker can bypass the authentication of the D ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -391,6 +391,9 @@
     - anyOf:
       - product: Eclipse Cyclone DDS
       - product: Eclipse Glassfish
+      - product: Eclipse ThreadX
+      - product: Eclipse ThreadX - NetX Duo
+      - product: Eclipse ThreadX - USBX
       - product: Eclipse Vert.x
       - product: Eclipse OMR
       - product: FileX



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ecbaed47bee64ca21189c50689e415f600d6ff9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ecbaed47bee64ca21189c50689e415f600d6ff9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260209/071dad0f/attachment.htm>

More information about the debian-security-tracker-commits mailing list