[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 28 07:49:35 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48096f74 by Salvatore Bonaccorso at 2022-04-28T08:48:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22710,7 +22710,7 @@ CVE-2022-22347
 CVE-2022-22346 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is ...)
 	NOT-FOR-US: IBM
 CVE-2022-22345 (IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. Th ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22344 (IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerab ...)
 	NOT-FOR-US: IBM
 CVE-2022-22343
@@ -22754,7 +22754,7 @@ CVE-2022-22325
 CVE-2022-22324
 	RESERVED
 CVE-2022-22323 (IBM Security Identity Manager (IBM Security Verify Password Synchroniz ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22322
 	RESERVED
 CVE-2022-22321 (IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with  ...)
@@ -22770,13 +22770,13 @@ CVE-2022-22317
 CVE-2022-22316 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and a ...)
 	NOT-FOR-US: IBM
 CVE-2022-22315 (IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user w ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22314
 	RESERVED
 CVE-2022-22313
 	RESERVED
 CVE-2022-22312 (IBM Security Identity Manager (IBM Security Verify Password Synchroniz ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22311 (IBM Security Verify Access could allow a user, using man in the middle ...)
 	NOT-FOR-US: IBM
 CVE-2022-22310 (IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 c ...)
@@ -46397,7 +46397,7 @@ CVE-2021-38941
 CVE-2021-38940
 	RESERVED
 CVE-2021-38939 (IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive informa ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38938
 	RESERVED
 CVE-2021-38937 (IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authent ...)
@@ -46437,7 +46437,7 @@ CVE-2021-38921 (IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker t
 CVE-2021-38920
 	RESERVED
 CVE-2021-38919 (IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authoriz ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38918 (IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a spec ...)
 	NOT-FOR-US: IBM
 CVE-2021-38917 (IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker ...)
@@ -46519,7 +46519,7 @@ CVE-2021-38880
 CVE-2021-38879
 	RESERVED
 CVE-2021-38878 (IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to imperson ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38877 (IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross ...)
 	NOT-FOR-US: IBM
 CVE-2021-38876 (IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. This vu ...)
@@ -46527,7 +46527,7 @@ CVE-2021-38876 (IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. T
 CVE-2021-38875 (IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerabl ...)
 	NOT-FOR-US: IBM
 CVE-2021-38874 (IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access informati ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38873 (IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. ...)
 	NOT-FOR-US: IBM
 CVE-2021-38872
@@ -46537,7 +46537,7 @@ CVE-2021-38871
 CVE-2021-38870 (IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vu ...)
 	NOT-FOR-US: IBM
 CVE-2021-38869 (IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatic ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38868
 	RESERVED
 CVE-2021-38867
@@ -69652,7 +69652,7 @@ CVE-2021-29778
 CVE-2021-29777 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2021-29776 (IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29775 (IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak fo ...)
 	NOT-FOR-US: IBM
 CVE-2021-29774 (IBM Jazz Team Server products could allow an authenticated user to obt ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48096f743ee66a9f7613f64b0b786a100ab75eda

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48096f743ee66a9f7613f64b0b786a100ab75eda
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220428/855dbd8b/attachment.htm>

More information about the debian-security-tracker-commits mailing list