[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Feb 9 09:12:04 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e0744ae0 by Salvatore Bonaccorso at 2023-02-09T10:11:35+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30294,11 +30294,11 @@ CVE-2022-42440
 CVE-2022-42439 (IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 an ...)
 	NOT-FOR-US: IBM
 CVE-2022-42438 (IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-42437
 	RESERVED
 CVE-2022-42436 (IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-42435 (IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0. ...)
 	NOT-FOR-US: IBM
 CVE-2022-42433
@@ -48124,7 +48124,7 @@ CVE-2022-35722 (IBM Jazz for Service Management is vulnerable to stored cross-si
 CVE-2022-35721 (IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-si ...)
 	NOT-FOR-US: IBM
 CVE-2022-35720 (IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Sec ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-35719 (IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially s ...)
 	NOT-FOR-US: IBM
 CVE-2022-35718
@@ -52150,7 +52150,7 @@ CVE-2022-2191 (In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.
 	NOTE: https://github.com/eclipse/jetty.project/issues/8161
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
 CVE-2022-34362 (IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-34361 (IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographi ...)
 	NOT-FOR-US: IBM
 CVE-2022-34360
@@ -52174,7 +52174,7 @@ CVE-2022-34352
 CVE-2022-34351
 	RESERVED
 CVE-2022-34350 (IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-34349
 	RESERVED
 CVE-2022-34348 (IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML Ex ...)
@@ -53884,7 +53884,7 @@ CVE-2022-2096
 CVE-2022-2095 (An improper access control check in GitLab CE/EE affecting all version ...)
 	- gitlab <unfixed>
 CVE-2022-2094 (The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-2093 (The WP Duplicate Page WordPress plugin before 1.3 does not sanitize an ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2092 (The WooCommerce PDF Invoices & Packing Slips WordPress plugin befo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0744ae08d3e237c57dddc29729c8fef14a3f966

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0744ae08d3e237c57dddc29729c8fef14a3f966
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230209/793bc6b9/attachment.htm>
