[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Mon, 31 May 2021 13:16:25 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
27923c43 by Salvatore Bonaccorso at 2021-05-31T22:16:01+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8391,9 +8391,9 @@ CVE-2021-30182
 CVE-2021-30181 (Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing 
which wi ...)
        NOT-FOR-US: Apache Dubbo
 CVE-2021-30180 (Apache Dubbo prior to 2.7.9 support Tag routing which will 
enable a cu ...)
-       TODO: check
+       NOT-FOR-US: Apache Dubbo
 CVE-2021-30179 (Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports 
generic call ...)
-       TODO: check
+       NOT-FOR-US: Apache Dubbo
 CVE-2020-36314 (fr-archive-libarchive.c in GNOME file-roller through 3.38.0, 
as used b ...)
        - file-roller 3.38.1-1
        [buster] - file-roller <no-dsa> (Minor issue)
@@ -9626,7 +9626,7 @@ CVE-2021-29667 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 
and 5.1.0 through 5.1.0
 CVE-2021-29666 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 
5.1.0.2 is  ...)
        NOT-FOR-US: IBM
 CVE-2021-29665 (IBM Security Verify Access 20.07 is vulnerable to a stack 
based buffer ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29664
        RESERVED
 CVE-2020-36305
@@ -19543,7 +19543,7 @@ CVE-2021-25642
 CVE-2021-25641 (Each Apache Dubbo server will set a serialization id to tell 
the clien ...)
        NOT-FOR-US: Apache Dubbo
 CVE-2021-25640 (In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of 
parseURL method ...)
-       TODO: check
+       NOT-FOR-US: Apache Dubbo
 CVE-2021-25639
        RESERVED
 CVE-2021-25638
@@ -32370,7 +32370,7 @@ CVE-2021-20587 (Heap-based buffer overflow 
vulnerability in Mitsubishi Electric
 CVE-2021-20586 (Resource management errors vulnerability in a robot controller 
of MELF ...)
        NOT-FOR-US: Mitsubishi
 CVE-2021-20585 (IBM Security Verify Access 20.07 could disclose sensitive 
information  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20584
        RESERVED
 CVE-2021-20583
@@ -32388,9 +32388,9 @@ CVE-2021-20578
 CVE-2021-20577 (IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is 
vulnerable to ...)
        NOT-FOR-US: IBM
 CVE-2021-20576 (IBM Security Verify Access 20.07 could allow a remote attacker 
to send ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20575 (IBM Security Verify Access 20.07 allows web pages to be stored 
locally ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20574
        RESERVED
 CVE-2021-20573
@@ -101753,7 +101753,7 @@ CVE-2020-4563
 CVE-2020-4562 (IBM Planning Analytics 2.0 could allow a remote attacker to 
obtain sen ...)
        NOT-FOR-US: IBM
 CVE-2020-4561 (IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of 
all co ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4560 (IBM Financial Transaction Manager 3.2.4 is vulnerable to 
cross-site sc ...)
        NOT-FOR-US: IBM
 CVE-2020-4559 (IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to 
cause a de ...)
@@ -101835,7 +101835,7 @@ CVE-2020-4522 (IBM Jazz Team Server based 
Applications are vulnerable to cross-s
 CVE-2020-4521 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a 
remote authe ...)
        NOT-FOR-US: IBM
 CVE-2020-4520 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to in ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4519
        RESERVED
 CVE-2020-4518
@@ -102167,7 +102167,7 @@ CVE-2020-4356
 CVE-2020-4355 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)
        NOT-FOR-US: IBM
 CVE-2020-4354 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site 
scripti ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4353 (IBM MaaS360 6.82 could allow a user with pysical access to the 
device  ...)
        NOT-FOR-US: IBM
 CVE-2020-4352 (IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a 
privilege esc ...)
@@ -102275,7 +102275,7 @@ CVE-2020-4302 (IBM Cognos Analytics 11.0 and 11.1 
could allow a remote attacker
 CVE-2020-4301
        RESERVED
 CVE-2020-4300 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML 
External En ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4299 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
6.0.3.1 c ...)
        NOT-FOR-US: IBM
 CVE-2020-4298 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is 
vulnerable t ...)
@@ -156907,7 +156907,7 @@ CVE-2019-4732 (IBM SDK, Java Technology Edition 
Version 7.0.0.0 through 7.0.10.5
 CVE-2019-4731 (IBM MQ Appliance 9.1.4.CD could allow a local attacker to 
obtain highl ...)
        NOT-FOR-US: IBM
 CVE-2019-4730 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML 
External En ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4729 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to ob ...)
        NOT-FOR-US: IBM
 CVE-2019-4728 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5_2 ...)
@@ -156919,11 +156919,11 @@ CVE-2019-4726 (IBM Sterling B2B Integrator Standard 
Edition 5.2.0.0 through 5.2.
 CVE-2019-4725 (IBM Security Access Manager Appliance 9.0 is vulnerable to 
cross-site  ...)
        NOT-FOR-US: IBM
 CVE-2019-4724 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to ob ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4723 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to ob ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4722 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to ob ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4721
        RESERVED
 CVE-2019-4720 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable  ...)
@@ -157061,7 +157061,7 @@ CVE-2019-4655 (IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 
9.1.0.3, 9.1.1, 9.1.2, and 9.1.
 CVE-2019-4654 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or 
incorrectly va ...)
        NOT-FOR-US: IBM
 CVE-2019-4653 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site 
scripti ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4652 (IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure 
file per ...)
        NOT-FOR-US: IBM Spectrum Protect Plus
 CVE-2019-4651 (IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL 
injectio ...)
@@ -157425,7 +157425,7 @@ CVE-2019-4473 (Multiple binaries in IBM SDK, Java 
Technology Edition 7, 7R, and
 CVE-2019-4472
        RESERVED
 CVE-2019-4471 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote 
attacker to ob ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4470 (IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site 
scriptin ...)
        NOT-FOR-US: IBM
 CVE-2019-4469



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27923c43f93766601c1ca865feaab335c76f938e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27923c43f93766601c1ca865feaab335c76f938e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to