[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 4 21:21:11 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec6609da by Salvatore Bonaccorso at 2023-10-04T22:20:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,13 +63,13 @@ CVE-2023-42448 (Hydra is the layer-two scalability solution for Cardano. Prior t
 CVE-2023-41094 (TouchLink packets processed after timeout or out of range due to Opera ...)
 	TODO: check
 CVE-2023-40684 (IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOn ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-40561 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhance ...)
 	TODO: check
 CVE-2023-40559 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic ...)
 	TODO: check
 CVE-2023-40376 (IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-3701 (Aqua Drive, in its 2.4 version, is vulnerable to a relative path trave ...)
 	TODO: check
 CVE-2023-3665 (A code injection vulnerability in Trellix ENS 10.7.0 April 2023 releas ...)
@@ -64192,7 +64192,7 @@ CVE-2022-43908 (IBM Security Guardium 11.3 could allow an authenticated user to
 CVE-2022-43907 (IBM Security Guardium 11.4 could allow a remote authenticated attacker ...)
 	NOT-FOR-US: IBM
 CVE-2022-43906 (IBM Security Guardium 11.5 could disclose sensitive information due to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43905
 	RESERVED
 CVE-2022-43904 (IBM Security Guardium 11.3 and 11.4 could disclose sensitive informati ...)
@@ -127188,7 +127188,7 @@ CVE-2022-22449 (IBM Security Verify Governance, Identity Manager 10.01 could all
 CVE-2022-22448
 	RESERVED
 CVE-2022-22447 (IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to pote ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22446
 	RESERVED
 CVE-2022-22445 (An attacker that gains service access to the FSP (POWER9 only) or gain ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec6609da043806dc464755e9cd6706a369ceb77e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec6609da043806dc464755e9cd6706a369ceb77e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231004/81df42c4/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list