[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
975b429d by Salvatore Bonaccorso at 2019-07-17T20:28:53Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1131,7 +1131,7 @@ CVE-2019-13574 (In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetche
 	{DSA-4481-1}
 	- ruby-mini-magick <unfixed> (bug #931932)
 CVE-2019-13573 (A SQL injection vulnerability exists in the FolioVision FV Flowplayer  ...)
-	TODO: check
+	NOT-FOR-US: FolioVision FV Flowplayer Video Player plugin for WordPress
 CVE-2019-13572
 	RESERVED
 CVE-2019-13571
@@ -24787,7 +24787,7 @@ CVE-2019-4432
 CVE-2019-4431
 	RESERVED
 CVE-2019-4430 (IBM Maximo Asset Management 7.6 could allow a remote attacker to trave ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4429
 	RESERVED
 CVE-2019-4428
@@ -25225,7 +25225,7 @@ CVE-2019-4213
 CVE-2019-4212
 	RESERVED
 CVE-2019-4211 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Thi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4210 (IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication expo ...)
 	NOT-FOR-US: IBM
 CVE-2019-4209
@@ -25259,7 +25259,7 @@ CVE-2019-4196
 CVE-2019-4195
 	RESERVED
 CVE-2019-4194 (IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4193 (IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive inf ...)
 	NOT-FOR-US: IBM
 CVE-2019-4192
@@ -25539,7 +25539,7 @@ CVE-2019-4056 (IBM Maximo Asset Management 7.6 Work Centers' application does no
 CVE-2019-4055 (IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4054 (IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensiti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4053
 	RESERVED
 CVE-2019-4052 (IBM API Connect 2018.1 and 2018.4.1.2 apis can be leveraged by unauthe ...)
@@ -85757,9 +85757,9 @@ CVE-2018-2024
 CVE-2018-2023
 	RESERVED
 CVE-2018-2022 (IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unautho ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-2021 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Thi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-2020
 	RESERVED
 CVE-2018-2019 (IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to ...)
@@ -85959,7 +85959,7 @@ CVE-2018-1923 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
 CVE-2018-1922 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2018-1921 (IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1920 (IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML Ex ...)
 	NOT-FOR-US: IBM
 CVE-2018-1919



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/975b429d4b58facbc3716fec2673a5a259d697d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/975b429d4b58facbc3716fec2673a5a259d697d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190717/8924be6f/attachment.html>