[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 30 09:20:00 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a11f7364 by Salvatore Bonaccorso at 2026-06-30T10:19:49+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,17 +7,17 @@ CVE-2026-8023 (Zephyr's HTTP server (subsys/net/lib/http) provides a static-file
 CVE-2026-7656 (The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (hand ...)
 	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-57997 (Strapi users-permissions plugin fails to restrict JWT algorithms when  ...)
-	TODO: check
+	NOT-FOR-US: Strapi users-permissions plugin
 CVE-2026-57919 (PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 cr ...)
-	TODO: check
+	NOT-FOR-US: Matrix42 Empirum
 CVE-2026-57498 (Coolify is an open-source and self-hostable tool for managing servers, ...)
-	TODO: check
+	NOT-FOR-US: Coolify
 CVE-2026-56809 (Multiple laser printers and MFPs (multifunction printers) which implem ...)
-	TODO: check
+	NOT-FOR-US: Ricoh
 CVE-2026-56808 (DGM3103SCT provided by AVTECH Security Corporation contains an OS comm ...)
-	TODO: check
+	NOT-FOR-US: AVTECH
 CVE-2026-56137 (RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS ...)
-	TODO: check
+	NOT-FOR-US: Gotcha Gotcha Games Inc.
 CVE-2026-55957 (Missing Critical Step in Authentication vulnerability in Apache Tomcat ...)
 	- tomcat11 11.0.5-1
 	[trixie] - tomcat11 11.0.15-1~deb13u1
@@ -30,19 +30,19 @@ CVE-2026-55957 (Missing Critical Step in Authentication vulnerability in Apache
 	NOTE: https://github.com/apache/tomcat/commit/0cd21c0393b8811af22daddbba7b4e7328e2d79e (10.1.37)
 	NOTE: https://github.com/apache/tomcat/commit/c32bbd37ea9ee0aaab848af4ee1c9a76e84240ea (9.0.101)
 CVE-2026-54889 (Improper Neutralization of Input During Web Page Generation (XSS) vuln ...)
-	TODO: check
+	NOT-FOR-US: leandrocp
 CVE-2026-54888 (Uncontrolled Recursion vulnerability in leandrocp mdex allows denial o ...)
-	TODO: check
+	NOT-FOR-US: leandrocp
 CVE-2026-53429 (Missing Release of Memory after Effective Lifetime vulnerability in le ...)
-	TODO: check
+	NOT-FOR-US: leandrocp
 CVE-2026-53426 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: leandrocp
 CVE-2026-51221 (A buffer overflow in the Get_Attribute_List function of EIPStackGroup  ...)
-	TODO: check
+	NOT-FOR-US: EIPStackGroup OpENer
 CVE-2026-51219 (A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMes ...)
-	TODO: check
+	NOT-FOR-US: lib60870
 CVE-2026-51218 (A heap buffer overflow in the TS7Worker::PerformFunctionWrite() functi ...)
-	TODO: check
+	NOT-FOR-US: snap7
 CVE-2026-43746 (A use-after-free issue was addressed with improved memory management.  ...)
 	NOT-FOR-US: Apple
 CVE-2026-43745 (An out-of-bounds write issue was addressed with improved input validat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11f736495f46fda8bee6ac2f390a78681cb4a85

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11f736495f46fda8bee6ac2f390a78681cb4a85
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260630/151ae716/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list