[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 04 Nov 2022 01:18:54 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2320e111 by Salvatore Bonaccorso at 2022-11-04T09:18:20+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5627,7 +5627,7 @@ CVE-2022-43576
 CVE-2022-43575
        RESERVED
 CVE-2022-43574 ("IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 
21.0.4, and 21 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-43573
        RESERVED
 CVE-2022-43572
@@ -8732,7 +8732,7 @@ CVE-2022-42444
 CVE-2022-42443
        RESERVED
 CVE-2022-42442 ("IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 
21.0.3,  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-42441
        RESERVED
 CVE-2022-42440
@@ -12776,7 +12776,7 @@ CVE-2022-40749
 CVE-2022-40748 (IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site scr ...)
        NOT-FOR-US: IBM
 CVE-2022-40747 ("IBM InfoSphere Information Server 11.7 is vulnerable to an 
XML Extern ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-40746
        RESERVED
 CVE-2022-40745
@@ -14060,7 +14060,7 @@ CVE-2022-40237
 CVE-2022-40236
        RESERVED
 CVE-2022-40235 ("IBM InfoSphere Information Server 11.7 could allow a user to 
cause a  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-40234 (Versions of IBM Spectrum Protect Plus prior to 10.1.12 
(excluding 10.1 ...)
        NOT-FOR-US: IBM
 CVE-2022-40233
@@ -14070,7 +14070,7 @@ CVE-2022-40232
 CVE-2022-40231
        RESERVED
 CVE-2022-40230 ("IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does 
not invali ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-40229
        RESERVED
 CVE-2022-40228
@@ -17953,11 +17953,11 @@ CVE-2022-38714
 CVE-2022-38713
        RESERVED
 CVE-2022-38712 ("IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web 
services  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-38711
        RESERVED
 CVE-2022-38710 ("IBM Robotic Process Automation 21.0.1 and 21.0.2 could 
disclose sensi ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-38709 (IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for 
Cloud Pa ...)
        NOT-FOR-US: IBM
 CVE-2022-38708
@@ -25998,7 +25998,7 @@ CVE-2022-35719
 CVE-2022-35718
        RESERVED
 CVE-2022-35717 ("IBM InfoSphere Information Server 11.7 could allow a locally 
authenti ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-35716 (IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 
through 7 ...)
        NOT-FOR-US: IBM
 CVE-2022-35715 (IBM InfoSphere Information Server 11.7 could allow a remote 
attacker t ...)
@@ -26197,7 +26197,7 @@ CVE-2022-35644
 CVE-2022-35643 (IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper 
with syst ...)
        NOT-FOR-US: IBM
 CVE-2022-35642 ("IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site sc ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-35641
        RESERVED
 CVE-2022-35640
@@ -27174,7 +27174,7 @@ CVE-2022-35281
 CVE-2022-35280 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does 
not req ...)
        NOT-FOR-US: IBM
 CVE-2022-35279 ("IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 
18.0.0.2, 19.0.0 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-35278 (In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could 
show mal ...)
        NOT-FOR-US: Apache ActiveMQ Artemis
 CVE-2022-34850 (An OS command injection vulnerability exists in the web_server 
/action ...)
@@ -29939,7 +29939,7 @@ CVE-2022-34341
 CVE-2022-34340
        RESERVED
 CVE-2022-34339 ("IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user 
credentials i ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-34338 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could disclo ...)
        NOT-FOR-US: IBM
 CVE-2022-34337
@@ -40191,7 +40191,7 @@ CVE-2022-1700 (Improper Restriction of XML External 
Entity Reference ('XXE') vul
 CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could allow  ...)
        NOT-FOR-US: IBM
 CVE-2022-30615 ("IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site sc ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-30614 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable 
to a den ...)
        NOT-FOR-US: IBM
 CVE-2022-30613 (IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive 
information via a ...)
@@ -40205,7 +40205,7 @@ CVE-2022-30610 (IBM Spectrum Copy Data Management 
2.2.0.0 through 2.2.15.0 is vu
 CVE-2022-30609
        RESERVED
 CVE-2022-30608 ("IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site re ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-30607 (IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 
21.0.1, and 2 ...)
        NOT-FOR-US: IBM
 CVE-2022-30546 (Out-of-bounds read vulnerability exists in the simulator 
module contai ...)
@@ -66044,7 +66044,7 @@ CVE-2022-22444 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 
could allow a local user to
 CVE-2022-22443 (IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site scr ...)
        NOT-FOR-US: IBM
 CVE-2022-22442 ("IBM InfoSphere Information Server 11.7 could allow an 
authenticated u ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22441 (IBM InfoSphere Information Server 11.7 could allow an 
authenticated us ...)
        NOT-FOR-US: IBM
 CVE-2022-22440
@@ -66078,7 +66078,7 @@ CVE-2022-22427 (IBM InfoSphere Information Server 11.7 
is vulnerable to cross-si
 CVE-2022-22426 (IBM Spectrum Copy Data Management Admin 2.2.0.0 through 
2.2.15.0 could ...)
        NOT-FOR-US: IBM
 CVE-2022-22425 ("IBM InfoSphere Information Server 11.7 is potentially 
vulnerable to C ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22424 (IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to 
obtain s ...)
        NOT-FOR-US: IBM
 CVE-2022-22423 (IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 
and CCA 7. ...)
@@ -90289,7 +90289,7 @@ CVE-2021-39079 (IBM Cognos Analytics Mobile for Android 
applications prior to ve
 CVE-2021-39078 (IBM Security Guardium 10.5 stores user credentials in plain 
clear text ...)
        NOT-FOR-US: IBM
 CVE-2021-39077 ("IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 
11.4 st ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-39076 (IBM Security Guardium 10.5 and 11.3 uses weaker than expected 
cryptogr ...)
        NOT-FOR-US: IBM
 CVE-2021-39075



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2320e111c53f82a1018a82a6b946309498e6fa2a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2320e111c53f82a1018a82a6b946309498e6fa2a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to