[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 24 Jun 2022 14:23:59 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5e5aa003 by Salvatore Bonaccorso at 2022-06-24T23:23:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1356,7 +1356,7 @@ CVE-2022-33955
 CVE-2022-33954
        RESERVED
 CVE-2022-33953 (IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a 
user wi ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-33952
        RESERVED
 CVE-2022-33951
@@ -6653,7 +6653,7 @@ CVE-2022-31769 (IBM Spectrum Copy Data Management 2.2.0.0 
through 2.2.15.0 could
 CVE-2022-31768 (IBM InfoSphere Information Server 11.7 is vulnerable to SQL 
injection. ...)
        NOT-FOR-US: IBM
 CVE-2022-31767 (IBM CICS TX Standard and Advanced 11.1 could allow a remote 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-31766
        RESERVED
 CVE-2022-31765
@@ -35421,7 +35421,7 @@ CVE-2022-22504
 CVE-2022-22503
        RESERVED
 CVE-2022-22502 (IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable 
to cros ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22501
        RESERVED
 CVE-2022-22500
@@ -35645,9 +35645,9 @@ CVE-2022-22392 (IBM Planning Analytics Local 2.0 could 
allow an attacker to uplo
 CVE-2022-22391 (IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow 
an authen ...)
        NOT-FOR-US: IBM
 CVE-2022-22390 (IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 
11.5 ma ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22389 (IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 
11.5 is ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22388
        RESERVED
 CVE-2022-22387
@@ -59542,7 +59542,7 @@ CVE-2021-39049 (IBM i2 Analyst's Notebook 9.2.0, 9.2.1, 
and 9.2.2 is vulnerable
 CVE-2021-39048 (IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a 
stack based ...)
        NOT-FOR-US: IBM
 CVE-2021-39047 (IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 
11.2.0, an ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-39046 (IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 
and IBM Bu ...)
        NOT-FOR-US: IBM
 CVE-2021-39045
@@ -59746,7 +59746,7 @@ CVE-2021-38947 (IBM Spectrum Copy Data Management 
2.2.13 and earlier uses weaker
 CVE-2021-38946 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable 
to cross ...)
        NOT-FOR-US: IBM
 CVE-2021-38945 (IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a 
remote a ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-38944 (IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 
through 10.0. ...)
        NOT-FOR-US: IBM
 CVE-2021-38943
@@ -59878,7 +59878,7 @@ CVE-2021-38881
 CVE-2021-38880
        RESERVED
 CVE-2021-38879 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 
could allow ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-38878 (IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to 
imperson ...)
        NOT-FOR-US: IBM
 CVE-2021-38877 (IBM Jazz for Service Management 1.1.3.10 is vulnerable to 
stored cross ...)
@@ -59894,7 +59894,7 @@ CVE-2021-38873 (IBM Planning Analytics 2.0 is 
potentially vulnerable to CSV Inje
 CVE-2021-38872 (IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 
10.0.1.4, a ...)
        NOT-FOR-US: IBM
 CVE-2021-38871 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-38870 (IBM Aspera Cloud is vulnerable to stored cross-site scripting. 
This vu ...)
        NOT-FOR-US: IBM
 CVE-2021-38869 (IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not 
automatic ...)
@@ -82996,7 +82996,7 @@ CVE-2021-29867 (IBM Cognos Analytics 11.1.7 and 11.2.0 
could allow an authentica
 CVE-2021-29866
        RESERVED
 CVE-2021-29865 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 
could allow ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29864
        RESERVED
 CVE-2021-29863 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side 
request forge ...)
@@ -83190,7 +83190,7 @@ CVE-2021-29770 (IBM i2 Analyst's Notebook Premium (IBM 
i2 Analyze 4.3.0, 4.3.1,
 CVE-2021-29769 (IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 
4.3.1, and 4. ...)
        NOT-FOR-US: IBM
 CVE-2021-29768 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a 
low leve ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29767 (IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 
could allow  ...)
        NOT-FOR-US: IBM
 CVE-2021-29766 (IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 
4.3.1, and 4. ...)
@@ -107270,7 +107270,7 @@ CVE-2021-20553
 CVE-2021-20552 (IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow 
a remote ...)
        NOT-FOR-US: IBM
 CVE-2021-20551 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 
allows web  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20550 (IBM Content Navigator 3.0.CD is vulnerable to cross-site 
scripting. Th ...)
        NOT-FOR-US: IBM
 CVE-2021-20549 (IBM Content Navigator 3.0.CD is vulnerable to cross-site 
scripting. Th ...)
@@ -107284,9 +107284,9 @@ CVE-2021-20546 (IBM Spectrum Protect Client 8.1.0.0 
through 8.1.11.0 is vulnerab
 CVE-2021-20545
        RESERVED
 CVE-2021-20544 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20543 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20542
        RESERVED
 CVE-2021-20541 (IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 
1.6.1.0,  ...)
@@ -107530,7 +107530,7 @@ CVE-2021-20423 (IBM Cloud Pak for Applications 4.3 
could allow an authenticated
 CVE-2021-20422 (IBM Cloud Pak for Applications 4.3 could disclose sensitive 
informatio ...)
        NOT-FOR-US: IBM
 CVE-2021-20421 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20420 (IBM Security Guardium 11.2 could disclose sensitive 
information due to ...)
        NOT-FOR-US: IBM
 CVE-2021-20419 (IBM Security Guardium 11.2 uses weaker than expected 
cryptographic alg ...)
@@ -107662,7 +107662,7 @@ CVE-2021-20357 (IBM Jazz Foundation products is 
vulnerable to cross-site scripti
 CVE-2021-20356
        RESERVED
 CVE-2021-20355 (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 
could allow ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20354 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow 
a remot ...)
        NOT-FOR-US: IBM
 CVE-2021-20353 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e5aa0039c60be0691e32191b921fce51d178ffd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e5aa0039c60be0691e32191b921fce51d178ffd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to