[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 17 09:44:53 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
89236f2f by Moritz Muehlenhoff at 2026-06-17T10:44:23+02:00
auto-nfu: Extend Oracle rule
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,11 +79,11 @@ CVE-2026-46964 (Vulnerability in the Oracle Universal Work Queue product of Orac
CVE-2026-46963 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
NOT-FOR-US: Oracle
CVE-2026-46962 (Vulnerability in the Oracle Project Portfolio Analysis product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46961 (Vulnerability in the Oracle Project Portfolio Analysis product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46960 (Vulnerability in the Oracle Project Portfolio Analysis product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46959 (Vulnerability in the Oracle Subledger Accounting product of Oracle E-B ...)
NOT-FOR-US: Oracle
CVE-2026-46958 (Vulnerability in the Oracle Subledger Accounting product of Oracle E-B ...)
@@ -91,7 +91,7 @@ CVE-2026-46958 (Vulnerability in the Oracle Subledger Accounting product of Orac
CVE-2026-46957 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
NOT-FOR-US: Oracle
CVE-2026-46956 (Vulnerability in the Oracle Property Manager product of Oracle E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46955 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46953 (Vulnerability in the Oracle HRMS (UK) product of Oracle E-Business Sui ...)
@@ -121,7 +121,7 @@ CVE-2026-46939 (Vulnerability in the Oracle Configure to Order product of Oracle
CVE-2026-46938 (Vulnerability in the Oracle Cost Management product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46937 (Vulnerability in the Oracle iSetup product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46935 (Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul p ...)
NOT-FOR-US: Oracle
CVE-2026-46934 (Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul p ...)
@@ -171,7 +171,7 @@ CVE-2026-46910 (Vulnerability in the JD Edwards EnterpriseOne Tools product of O
CVE-2026-46909 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
NOT-FOR-US: Oracle
CVE-2026-46908 (Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46907 (Vulnerability in the JD Edwards EnterpriseOne Order Promising product ...)
NOT-FOR-US: Oracle
CVE-2026-46906 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
@@ -201,11 +201,11 @@ CVE-2026-46895 (Vulnerability in the Oracle Enterprise Command Center Framework
CVE-2026-46894 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
NOT-FOR-US: Oracle
CVE-2026-46893 (Vulnerability in the JD Edwards EnterpriseOne General Ledger product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46892 (Vulnerability in the JD Edwards EnterpriseOne Human Resources Manageme ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46891 (Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46890 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
NOT-FOR-US: Oracle
CVE-2026-46889 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
@@ -217,7 +217,7 @@ CVE-2026-46887 (Vulnerability in the Siebel Apps - Marketing product of Oracle S
CVE-2026-46886 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
NOT-FOR-US: Oracle
CVE-2026-46885 (Vulnerability in the Siebel CRM Integration product of Oracle Siebel C ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46884 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
NOT-FOR-US: Oracle
CVE-2026-46883 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
@@ -269,7 +269,7 @@ CVE-2026-46860 (Vulnerability in the MySQL Router product of Oracle MySQL (compo
CVE-2026-46859 (Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain ( ...)
NOT-FOR-US: Oracle
CVE-2026-46858 (Vulnerability in the APM - Application Performance Management product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46857 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
NOT-FOR-US: Oracle
CVE-2026-46856 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
@@ -285,7 +285,7 @@ CVE-2026-46852 (Vulnerability in the Oracle Enterprise Manager Base Platform pro
CVE-2026-46851 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
NOT-FOR-US: Oracle
CVE-2026-46850 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46849 (Vulnerability in the PeopleSoft Enterprise CS Student Financials produ ...)
NOT-FOR-US: Oracle
CVE-2026-46848 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
@@ -313,7 +313,7 @@ CVE-2026-46814 (Vulnerability in the Oracle WebCenter Portal product of Oracle F
CVE-2026-46813 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46812 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46810 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
NOT-FOR-US: Oracle
CVE-2026-46809 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
@@ -347,11 +347,11 @@ CVE-2026-46796 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fu
CVE-2026-46795 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46794 (Vulnerability in the Identity Manager Connector product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46793 (Vulnerability in the Identity Manager Connector product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46792 (Vulnerability in the Identity Manager Connector product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46791 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46790 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
@@ -371,15 +371,15 @@ CVE-2026-46784 (Vulnerability in the WebCenter Content: Imaging product of Oracl
CVE-2026-46783 (Vulnerability in the WebCenter Content: Imaging product of Oracle Fusi ...)
TODO: check
CVE-2026-46782 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46781 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46780 (Vulnerability in the WebCenter Content: Imaging product of Oracle Fusi ...)
TODO: check
CVE-2026-46779 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46778 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46777 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46776 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
@@ -487,9 +487,9 @@ CVE-2026-35316 (Vulnerability in the Oracle WebCenter Content product of Oracle
CVE-2026-35315 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-35314 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35313 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35312 (Vulnerability in the Oracle Virtual Directory product of Oracle Fusion ...)
TODO: check
CVE-2026-35311 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
@@ -525,7 +525,7 @@ CVE-2026-35296 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fu
CVE-2026-35295 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2026-35294 (Vulnerability in the Identity Manager Connector product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35293 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2026-35292 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
@@ -539,17 +539,17 @@ CVE-2026-35288 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools produc
CVE-2026-35286 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-35285 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35284 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35283 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35282 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35281 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35280 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35279 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
TODO: check
CVE-2026-35278 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
@@ -579,7 +579,7 @@ CVE-2026-35263 (Vulnerability in the WebLogic Server product of Oracle Fusion Mi
CVE-2026-35262 (Vulnerability in the Oracle Data Integrator product of Oracle Fusion M ...)
TODO: check
CVE-2026-35261 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35259 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
TODO: check
CVE-2026-35258 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -580,11 +580,17 @@
allOf:
- cna: oracle
- anyOf:
+ - product: APM - Application Performance Management
- product: Identity Manager
+ - product: Identity Manager Connector
+ - product: JD Edwards EnterpriseOne Accounts Payable
+ - product: JD Edwards EnterpriseOne General Ledger
+ - product: JD Edwards EnterpriseOne Human Resources Management
- product: JD Edwards EnterpriseOne Order Promising
- product: JD Edwards EnterpriseOne Project Costing
- product: JD Edwards EnterpriseOne Tools
- product: MySQL Cluster
+ - product: Oracle Access Manager
- product: Oracle Advanced Inbound Telephony
- product: Oracle Advanced Outbound Telephony
- product: Oracle Agile PLM
@@ -633,6 +639,7 @@
- product: Oracle Hyperion Infrastructure Technology
- product: Oracle Identity Manager
- product: Oracle Identity Manager Connector
+ - product: Oracle iSetup
- product: Oracle iSupport
- product: Oracle Lease and Finance Management
- product: Oracle Life Sciences Empirica Signal
@@ -647,6 +654,8 @@
- product: Oracle Process Manufacturing Product Development
- product: Oracle Process Manufacturing Process Planning
- product: Oracle Product Hub
+ - product: Oracle Project Portfolio Analysis
+ - product: Oracle Property Manager
- product: Oracle Public Sector Financials (International)
- product: Oracle Public Sector Payroll
- product: Oracle Quality
@@ -662,6 +671,7 @@
- product: Oracle User Management
- product: Oracle Utilities Application Framework
- product: Oracle WebCenter Content
+ - product: Oracle WebCenter Enterprise Capture
- product: Oracle WebCenter Portal
- product: Oracle WebCenter Sites
- product: Oracle WebLogic Server
@@ -691,6 +701,7 @@
- product: Siebel CRM Cloud Applications
- product: Siebel CRM End User
- product: Siebel CRM Deployment
+ - product: Siebel CRM Integration
- reason: SUSE
allOf:
- cna: suse
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89236f2f60da78503c1565957eb8f240e480adde
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89236f2f60da78503c1565957eb8f240e480adde
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/89654249/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list