[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Oct 12 21:13:35 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
faa815e5 by Salvatore Bonaccorso at 2020-10-12T22:13:00+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53193,25 +53193,25 @@ CVE-2020-4783
 CVE-2020-4782
 	RESERVED
 CVE-2020-4781 (An improper input validation before calling java readLine() method may ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4780 (OOTB build scripts does not set the secure attribute on session cookie ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4779 (A HTTP Verb Tampering vulnerability may impact IBM Curam Social Progra ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4778 (IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorith ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4777
 	RESERVED
 CVE-2020-4776 (A path traversal vulnerability may impact IBM Curam Social Program Man ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4775 (A cross-site scripting (XSS) vulnerability may impact IBM Curam Social ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4774 (An XPath vulnerability may impact IBM Curam Social Program Management  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4773 (A cross-site request forgery (CSRF) vulnerability may impact IBM Curam ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4772 (An XML External Entity Injection (XXE) vulnerability may impact IBM Cu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4771
 	RESERVED
 CVE-2020-4770
@@ -53273,9 +53273,9 @@ CVE-2020-4743
 CVE-2020-4742
 	RESERVED
 CVE-2020-4741 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to store ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4740 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4739
 	RESERVED
 CVE-2020-4738
@@ -53357,7 +53357,7 @@ CVE-2020-4701
 CVE-2020-4700
 	RESERVED
 CVE-2020-4699 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4698 (IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Work ...)
 	NOT-FOR-US: IBM
 CVE-2020-4697
@@ -53377,7 +53377,7 @@ CVE-2020-4691
 CVE-2020-4690
 	RESERVED
 CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4688
 	RESERVED
 CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated use ...)
@@ -53393,13 +53393,13 @@ CVE-2020-4683
 CVE-2020-4682
 	RESERVED
 CVE-2020-4681 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4680 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4679 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4678 (IBM Security Guardium 11.2 could allow an attacker with admin access t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4677
 	RESERVED
 CVE-2020-4676
@@ -53433,9 +53433,9 @@ CVE-2020-4663
 CVE-2020-4662 (IBM Event Streams 10.0.0 could allow an authenticated user to perform  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4661 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4660 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4659
 	RESERVED
 CVE-2020-4658
@@ -53979,7 +53979,7 @@ CVE-2020-4390
 CVE-2020-4389
 	RESERVED
 CVE-2020-4388 (IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4387 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2020-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
@@ -54151,7 +54151,7 @@ CVE-2020-4304 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.
 CVE-2020-4303 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 i ...)
 	NOT-FOR-US: IBM
 CVE-2020-4302 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to ex ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4301
 	RESERVED
 CVE-2020-4300



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faa815e5d21b8ed49636cd731dd629dead318b0b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faa815e5d21b8ed49636cd731dd629dead318b0b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201012/8597328a/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list