[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 23 21:13:28 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd951f18 by Salvatore Bonaccorso at 2021-09-23T22:12:59+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6158,7 +6158,7 @@ CVE-2021-38879
 CVE-2021-38878
 	RESERVED
 CVE-2021-38877 (IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38876
 	RESERVED
 CVE-2021-38875
@@ -6172,7 +6172,7 @@ CVE-2021-38872
 CVE-2021-38871
 	RESERVED
 CVE-2021-38870 (IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38869
 	RESERVED
 CVE-2021-38868
@@ -6184,9 +6184,9 @@ CVE-2021-38866
 CVE-2021-38865
 	RESERVED
 CVE-2021-38864 (IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensit ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38863 (IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain cl ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38862
 	RESERVED
 CVE-2021-38861
@@ -28123,9 +28123,9 @@ CVE-2021-29907 (IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticat
 CVE-2021-29906
 	RESERVED
 CVE-2021-29905 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29904 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29903
 	RESERVED
 CVE-2021-29902
@@ -28267,9 +28267,9 @@ CVE-2021-29835
 CVE-2021-29834
 	RESERVED
 CVE-2021-29833 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29832 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29831 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
 	NOT-FOR-US: IBM
 CVE-2021-29830
@@ -28301,19 +28301,19 @@ CVE-2021-29818 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_G
 CVE-2021-29817 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
 	NOT-FOR-US: IBM
 CVE-2021-29816 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29815 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29814 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29813 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29812 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29811 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
 	NOT-FOR-US: IBM
 CVE-2021-29810 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29809 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
 	NOT-FOR-US: IBM
 CVE-2021-29808 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
@@ -28333,7 +28333,7 @@ CVE-2021-29802 (IBM Security SOAR performs an operation at a privilege level tha
 CVE-2021-29801 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user ...)
 	NOT-FOR-US: IBM
 CVE-2021-29800 (IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29799
 	RESERVED
 CVE-2021-29798
@@ -52002,7 +52002,7 @@ CVE-2021-20565 (IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6
 CVE-2021-20564 (IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0,  ...)
 	NOT-FOR-US: IBM
 CVE-2021-20563 (IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20562 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 ...)
 	NOT-FOR-US: IBM
 CVE-2021-20561
@@ -52158,9 +52158,9 @@ CVE-2021-20487 (IBM Power9 Self Boot Engine(SBE) could allow a privileged user t
 CVE-2021-20486 (IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain ...)
 	NOT-FOR-US: IBM
 CVE-2021-20485 (IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20484 (IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20483 (IBM Security Identity Manager 6.0.2 is vulnerable to server-side reque ...)
 	NOT-FOR-US: IBM
 CVE-2021-20482 (IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to ...)
@@ -52258,9 +52258,9 @@ CVE-2021-20437
 CVE-2021-20436
 	RESERVED
 CVE-2021-20435 (IBM Security Verify Bridge 1.0.5.0 does not properly validate a certif ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20434 (IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain cl ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20433 (IBM Security Guardium 11.3 could allow a an authenticated user to obta ...)
 	NOT-FOR-US: IBM
 CVE-2021-20432 (IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Reso ...)
@@ -52374,7 +52374,7 @@ CVE-2021-20379 (IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weak
 CVE-2021-20378 (IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invali ...)
 	NOT-FOR-US: IBM
 CVE-2021-20377 (IBM Security Guardium 11.3 could allow a remote attacker to obtain sen ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20376
 	RESERVED
 CVE-2021-20375
@@ -121516,7 +121516,7 @@ CVE-2020-4943
 CVE-2020-4942 (IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4941 (IBM Edge 4.2 could reveal sensitive version information about the serv ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4940
 	RESERVED
 CVE-2020-4939
@@ -121780,7 +121780,7 @@ CVE-2020-4811 (IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.
 CVE-2020-4810
 	RESERVED
 CVE-2020-4809 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4808
 	RESERVED
 CVE-2020-4807
@@ -121788,11 +121788,11 @@ CVE-2020-4807
 CVE-2020-4806
 	RESERVED
 CVE-2020-4805 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4804
 	RESERVED
 CVE-2020-4803 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4802
 	RESERVED
 CVE-2020-4801
@@ -122021,7 +122021,7 @@ CVE-2020-4692 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.
 CVE-2020-4691 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...)
 	NOT-FOR-US: IBM
 CVE-2020-4690 (IBM Security Guardium 11.3 contains hard-coded credentials, such as a  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
 	NOT-FOR-US: IBM
 CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2 could allow a local attacker to ex ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd951f18a54343669dbe6b1d5d8471d3c5753834

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd951f18a54343669dbe6b1d5d8471d3c5753834
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210923/42ec88f6/attachment.htm>


More information about the debian-security-tracker-commits mailing list