[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 28 21:23:16 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9b3bf2b6 by Salvatore Bonaccorso at 2024-06-28T22:22:42+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,35 +47,35 @@ CVE-2024-38374 (The CycloneDX core module provides a model representation of the
 CVE-2024-38371 (authentik is an open-source Identity Provider. Access restrictions ass ...)
 	TODO: check
 CVE-2024-38322 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent us ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-37905 (authentik is an open-source Identity Provider that emphasizes flexibil ...)
 	TODO: check
 CVE-2024-37741 (OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile  ...)
 	TODO: check
 CVE-2024-35156 (IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sens ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-35155 (IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-35139 (IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could all ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-35137 (IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could all ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-35116 (IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-31919 (IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain confi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-31912 (IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalat ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-27629 (An issue in dc2niix before v.1.0.20240202 allows a local attacker to e ...)
 	TODO: check
 CVE-2024-27628 (Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to e ...)
 	TODO: check
 CVE-2024-25053 (IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-25041 (IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-25031 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-6296 (The Stackable \u2013 Page Builder Gutenberg Blocks plugin for WordPres ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6288 (The Conversios \u2013 Google Analytics 4 (GA4), Meta Pixel & more Via  ...)
@@ -148154,7 +148154,7 @@ CVE-2022-38385 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 coul
 CVE-2022-38384
 	RESERVED
 CVE-2022-38383 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM Q ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-38382
 	RESERVED
 CVE-2022-38105 (An information disclosure vulnerability exists in the cm_processREQ_NC ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b3bf2b6a2da5641dd5e1fe591dd206a65f4578f

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b3bf2b6a2da5641dd5e1fe591dd206a65f4578f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240628/7f1f4403/attachment.htm>


More information about the debian-security-tracker-commits mailing list