[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 28 22:14:48 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
329512c9 by Salvatore Bonaccorso at 2023-04-28T23:13:59+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2776,7 +2776,7 @@ CVE-2023-30446
 CVE-2023-30445
 	RESERVED
 CVE-2023-30444 (IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulne ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30443
 	RESERVED
 CVE-2023-30442
@@ -4864,7 +4864,7 @@ CVE-2023-29491 (ncurses before 6.4 20230408, when used by a setuid application,
 CVE-2023-29490
 	RESERVED
 CVE-2023-29489 (An issue was discovered in cPanel before 11.109.9999.116. XSS can occu ...)
-	TODO: check
+	NOT-FOR-US: cPanel
 CVE-2023-29488
 	RESERVED
 CVE-2023-29487
@@ -5631,7 +5631,7 @@ CVE-2023-29257 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server
 CVE-2023-29256
 	RESERVED
 CVE-2023-29255 (IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-29254
 	RESERVED
 CVE-2023-29253
@@ -8101,7 +8101,7 @@ CVE-2023-28530
 CVE-2023-28529
 	RESERVED
 CVE-2023-28528 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-28527
 	RESERVED
 CVE-2023-28526
@@ -10369,7 +10369,7 @@ CVE-2023-27866
 CVE-2023-27865
 	RESERVED
 CVE-2023-27864 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27863
 	RESERVED
 CVE-2023-27862
@@ -10377,7 +10377,7 @@ CVE-2023-27862
 CVE-2023-27861
 	RESERVED
 CVE-2023-27860 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensiti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27859
 	RESERVED
 CVE-2023-27858
@@ -11334,11 +11334,11 @@ CVE-2023-27559 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server
 CVE-2023-27558
 	RESERVED
 CVE-2023-27557 (IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27556 (IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27555 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27554
 	RESERVED
 CVE-2023-27553
@@ -15415,9 +15415,9 @@ CVE-2023-26024
 CVE-2023-26023
 	RESERVED
 CVE-2023-26022 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is v ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-26021 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-26020 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: CrafterCMS
 CVE-2023-26019
@@ -15647,7 +15647,7 @@ CVE-2023-25932
 CVE-2023-25931 (Medtronic identified that the Pelvic Health clinician apps, which are  ...)
 	NOT-FOR-US: Pelvic Health clinician apps
 CVE-2023-25930 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-25929
 	RESERVED
 CVE-2023-25928 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
@@ -18592,7 +18592,7 @@ CVE-2023-24968
 CVE-2023-24967
 	RESERVED
 CVE-2023-24966 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-si ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-24965
 	RESERVED
 CVE-2023-24964 (IBM InfoSphere Information Server 11.7 could allow a local user to obt ...)
@@ -249286,7 +249286,7 @@ CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site
 CVE-2020-4730
 	RESERVED
 CVE-2020-4729 (IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4728
 	RESERVED
 CVE-2020-4727 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/329512c9e3bbcdda58fb210979bd08bfd451d7e8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/329512c9e3bbcdda58fb210979bd08bfd451d7e8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230428/2b4c8f1e/attachment.htm>

More information about the debian-security-tracker-commits mailing list