[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Jan 9 08:21:13 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af0197ac by Salvatore Bonaccorso at 2021-01-09T09:20:51+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -74718,9 +74718,9 @@ CVE-2020-5149
 CVE-2020-5148
 	RESERVED
 CVE-2020-5147 (SonicWall NetExtender Windows client vulnerable to unquoted service pa ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2020-5146 (A vulnerability in SonicWall SMA100 appliance allow an authenticated m ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2020-5145 (SonicWall Global VPN client version 4.10.4.0314 and earlier have an in ...)
 	NOT-FOR-US: SonicWall
 CVE-2020-5144 (SonicWall Global VPN client version 4.10.4.0314 and earlier allows unp ...)
@@ -75126,17 +75126,17 @@ CVE-2020-5024
 CVE-2020-5023
 	RESERVED
 CVE-2020-5022 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthentica ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5021 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate se ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5020 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5019 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 is vulnerable to HTTP  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5018 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5017 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-5016
 	RESERVED
 CVE-2020-5015
@@ -75707,7 +75707,7 @@ CVE-2020-4735
 CVE-2020-4734
 	RESERVED
 CVE-2020-4733 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4732
 	RESERVED
 CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scri ...)
@@ -75779,7 +75779,7 @@ CVE-2020-4699 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access
 CVE-2020-4698 (IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Work ...)
 	NOT-FOR-US: IBM
 CVE-2020-4697 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4696 (IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session a ...)
 	NOT-FOR-US: IBM
 CVE-2020-4695
@@ -75791,7 +75791,7 @@ CVE-2020-4693 (IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 a
 CVE-2020-4692 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
 	NOT-FOR-US: IBM
 CVE-2020-4691 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4690
 	RESERVED
 CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
@@ -76085,7 +76085,7 @@ CVE-2020-4546 (IBM Jazz Team Server based Applications are vulnerable to cross-s
 CVE-2020-4545 (IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbi ...)
 	NOT-FOR-US: IBM
 CVE-2020-4544 (IBM Jazz Foundation Products could allow a remote attacker to obtain s ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4543
 	RESERVED
 CVE-2020-4542 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
@@ -76199,7 +76199,7 @@ CVE-2020-4489
 CVE-2020-4488
 	RESERVED
 CVE-2020-4487 (IBM Jazz Foundation Products could allow a remote attacker to obtain s ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4486 (IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to ov ...)
 	NOT-FOR-US: IBM
 CVE-2020-4485 (IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to di ...)
@@ -88813,9 +88813,9 @@ CVE-2019-18645 (The quarantine restoration function in Total Defense Anti-virus
 CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 11.5.2.28 is vul ...)
 	NOT-FOR-US: Total Defense Anti-virus
 CVE-2019-18643 (Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to pr ...)
-	TODO: check
+	NOT-FOR-US: Rock RMS
 CVE-2019-18642 (Rock RMS version before 8.6 is vulnerable to account takeover by tampe ...)
-	TODO: check
+	NOT-FOR-US: Rock RMS
 CVE-2019-18641 (Rock RMS before 1.8.6 mishandles vCard access control within the Peopl ...)
 	NOT-FOR-US: Rock RMS
 CVE-2019-18640



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af0197ac4068bb6d9e6bd02f891e90769feb16f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af0197ac4068bb6d9e6bd02f891e90769feb16f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210109/0e531b6a/attachment.html>

More information about the debian-security-tracker-commits mailing list