[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 17 21:50:14 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
28ed8252 by Salvatore Bonaccorso at 2023-02-17T22:49:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -155,7 +155,7 @@ CVE-2023-22838
 CVE-2023-0896
 	RESERVED
 CVE-2023-0895 (The WP Coder – add custom html, css and js code plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0894
 	RESERVED
 CVE-2023-0893
@@ -3044,7 +3044,7 @@ CVE-2023-24966
 CVE-2023-24965
 	RESERVED
 CVE-2023-24964 (IBM InfoSphere Information Server 11.7 could allow a local user to obt ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-24963
 	RESERVED
 CVE-2023-24962
@@ -3052,7 +3052,7 @@ CVE-2023-24962
 CVE-2023-24961
 	RESERVED
 CVE-2023-24960 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-24959
 	RESERVED
 CVE-2023-24958
@@ -8972,7 +8972,7 @@ CVE-2023-22870
 CVE-2023-22869
 	RESERVED
 CVE-2023-22868 (IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-22867
 	RESERVED
 CVE-2023-22866
@@ -11149,7 +11149,7 @@ CVE-2022-47988
 CVE-2022-47987
 	RESERVED
 CVE-2022-47986 (IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbit ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-47985
 	RESERVED
 CVE-2022-47984
@@ -27494,13 +27494,13 @@ CVE-2022-43932 (Improper neutralization of special elements in output used by a
 CVE-2022-43931 (Out-of-bounds write vulnerability in Remote Desktop Functionality in S ...)
 	NOT-FOR-US: Synology VPN Plus Server
 CVE-2022-43930 (IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43929 (IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43928
 	RESERVED
 CVE-2022-43927 (IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43926
 	RESERVED
 CVE-2022-43925
@@ -28422,7 +28422,7 @@ CVE-2022-43581 (IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5,
 CVE-2022-43580
 	RESERVED
 CVE-2022-43579 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43578
 	RESERVED
 CVE-2022-43577
@@ -33617,7 +33617,7 @@ CVE-2022-41736
 CVE-2022-41735 (IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through ...)
 	NOT-FOR-US: IBM
 CVE-2022-41734 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-41733 (IBM InfoSphere Information Server 11.7 could allow a remote attacked t ...)
 	NOT-FOR-US: IBM
 CVE-2022-41732 (IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear t ...)
@@ -37424,9 +37424,9 @@ CVE-2022-40234 (Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excludin
 CVE-2022-40233 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...)
 	NOT-FOR-US: IBM
 CVE-2022-40232 (IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-40231 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-40230 ("IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invali ...)
 	NOT-FOR-US: IBM
 CVE-2022-40229
@@ -46898,7 +46898,7 @@ CVE-2022-36777
 CVE-2022-36776 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerabl ...)
 	NOT-FOR-US: IBM
 CVE-2022-36775 (IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-36774 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerabl ...)
 	NOT-FOR-US: IBM
 CVE-2022-36773 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XM ...)
@@ -53652,7 +53652,7 @@ CVE-2022-34353
 CVE-2022-34352
 	RESERVED
 CVE-2022-34351 (IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allo ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-34350 (IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7,  ...)
 	NOT-FOR-US: IBM
 CVE-2022-34349



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28ed82523f548e897beb3e854a948ae5de317361

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28ed82523f548e897beb3e854a948ae5de317361
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230217/85aceaef/attachment.htm>

More information about the debian-security-tracker-commits mailing list