Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0744ae0 by Salvatore Bonaccorso at 2023-02-09T10:11:35+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30294,11 +30294,11 @@ CVE-2022-42440
CVE-2022-42439 (IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and
12.0.4.0 an ...)
NOT-FOR-US: IBM
CVE-2022-42438 (IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3
allows ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-42437
RESERVED
CVE-2022-42436 (IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer
could a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-42435 (IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2,
19.0.1, 19.0. ...)
NOT-FOR-US: IBM
CVE-2022-42433
@@ -48124,7 +48124,7 @@ CVE-2022-35722 (IBM Jazz for Service Management is
vulnerable to stored cross-si
CVE-2022-35721 (IBM Jazz for Service Management 1.1.3 is vulnerable to stored
cross-si ...)
NOT-FOR-US: IBM
CVE-2022-35720 (IBM Sterling External Authentication Server 6.1.0 and IBM
Sterling Sec ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-35719 (IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores
potentially s ...)
NOT-FOR-US: IBM
CVE-2022-35718
@@ -52150,7 +52150,7 @@ CVE-2022-2191 (In Eclipse Jetty versions 10.0.0 thru
10.0.9, and 11.0.0 thru 11.
NOTE: https://github.com/eclipse/jetty.project/issues/8161
NOTE:
https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
CVE-2022-34362 (IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header
injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-34361 (IBM Sterling Secure Proxy 6.0.3 uses weaker than expected
cryptographi ...)
NOT-FOR-US: IBM
CVE-2022-34360
@@ -52174,7 +52174,7 @@ CVE-2022-34352
CVE-2022-34351
RESERVED
CVE-2022-34350 (IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through
10.0.1.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-34349
RESERVED
CVE-2022-34348 (IBM Sterling Partner Engagement Manager 6.1 is vulnerable to
an XML Ex ...)
@@ -53884,7 +53884,7 @@ CVE-2022-2096
CVE-2022-2095 (An improper access control check in GitLab CE/EE affecting all
version ...)
- gitlab <unfixed>
CVE-2022-2094 (The Yellow Yard Searchbar WordPress plugin before 2.8.2 does
not escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2093 (The WP Duplicate Page WordPress plugin before 1.3 does not
sanitize an ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2092 (The WooCommerce PDF Invoices & Packing Slips WordPress
plugin befo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0744ae08d3e237c57dddc29729c8fef14a3f966
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0744ae08d3e237c57dddc29729c8fef14a3f966
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
