[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Jul 13 21:18:39 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
216a52c3 by Salvatore Bonaccorso at 2021-07-13T22:18:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39866,11 +39866,11 @@ CVE-2021-20426 (IBM Security Guardium 11.2 contains hard-coded credentials, such
 CVE-2021-20425
 	RESERVED
 CVE-2021-20424 (IBM Cloud Pak for Applications 4.3 could allow a remote attacker to ob ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20423 (IBM Cloud Pak for Applications 4.3 could allow an authenticated user g ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20422 (IBM Cloud Pak for Applications 4.3 could disclose sensitive informatio ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20421
 	RESERVED
 CVE-2021-20420
@@ -39976,25 +39976,25 @@ CVE-2021-20371 (IBM Jazz Foundation and IBM Engineering products could allow a r
 CVE-2021-20370
 	RESERVED
 CVE-2021-20369 (IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptogra ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20368 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20367
 	RESERVED
 CVE-2021-20366 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20365 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20364 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20363 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20362 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20361 (IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20360 (IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptogra ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20359 (IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automatio ...)
 	NOT-FOR-US: IBM
 CVE-2021-20358 (IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially s ...)
@@ -43372,7 +43372,7 @@ CVE-2021-1957
 CVE-2021-1956
 	RESERVED
 CVE-2021-1955 (Denial of service in SAP case due to improper handling of connections  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-1954 (Possible buffer over read due to improper validation of data pointer w ...)
 	TODO: check
 CVE-2021-1953 (Improper handling of received malformed FTMR request frame can lead to ...)
@@ -55784,7 +55784,7 @@ CVE-2020-26156
 CVE-2020-26155 (Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31 ...)
 	NOT-FOR-US: Utimaco SecurityServer
 CVE-2020-26153 (A cross-site scripting (XSS) vulnerability in wp-content/plugins/event ...)
-	TODO: check
+	NOT-FOR-US: Event Espresso Core plugin for WordPress
 CVE-2020-26152
 	RESERVED
 CVE-2020-26151



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/216a52c3e6f772e8eeff6f9eef9d673fe9f27232

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/216a52c3e6f772e8eeff6f9eef9d673fe9f27232
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210713/e3864d65/attachment.htm>
