Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
499fa8b0 by Salvatore Bonaccorso at 2022-04-14T06:39:43+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -217,7 +217,7 @@ CVE-2022-1341
CVE-2022-1340
RESERVED
CVE-2022-1339 (SQL injection in ElementController.php in GitHub repository
pimcore/pi ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-1338
RESERVED
CVE-2022-1337 (The image proxy component in Mattermost version 6.4.1 and
earlier allo ...)
@@ -229,7 +229,7 @@ CVE-2022-1335
CVE-2022-1334
RESERVED
CVE-2022-1333 (Mattermost Playbooks plugin v1.24.0 and earlier fails to
properly chec ...)
- TODO: check
+ NOT-FOR-US: Mattermost Playbooks plugin
CVE-2015-20107 (In Python (aka CPython) through 3.10.4, the mailcap module
does not ad ...)
TODO: check
CVE-2022-29157
@@ -481,39 +481,39 @@ CVE-2022-29054
CVE-2022-29053
RESERVED
CVE-2022-29052 (Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores
private ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29051 (Missing permission checks in Jenkins Publish Over FTP Plugin
1.16 and ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29050 (A cross-site request forgery (CSRF) vulnerability in Jenkins
Publish O ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29049 (Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier,
except ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29048 (A cross-site request forgery (CSRF) vulnerability in Jenkins
Subversio ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29047 (Jenkins Pipeline: Shared Groovy Libraries Plugin
564.ve62a_4eb_b_e039 ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29046 (Jenkins Subversion Plugin 2.15.3 and earlier does not escape
the name ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29045 (Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier,
except ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29044 (Jenkins Node and Label parameter Plugin 1.10.3 and earlier
does not es ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29043 (Jenkins Mask Passwords Plugin 3.0 and earlier does not escape
the name ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29042 (Jenkins Job Generator Plugin 1.22 and earlier does not escape
the name ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29041 (Jenkins Jira Plugin 3.7 and earlier, except 3.6.1, does not
escape the ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29040 (Jenkins Git Parameter Plugin 0.9.15 and earlier does not
escape the na ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29039 (Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not
escape the n ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29038 (Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c
and earlie ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29037 (Jenkins CVS Plugin 2.19 and earlier does not escape the name
and descr ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29036 (Jenkins Credentials Plugin 1111.v35a_307992395 and earlier,
except 108 ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2022-29035 (In JetBrains Ktor Native before version 2.0.0 random values
used for n ...)
NOT-FOR-US: JetBrains Ktor
CVE-2022-29034
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499fa8b06ec461fd7b63083e3af20eafaba12e95
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499fa8b06ec461fd7b63083e3af20eafaba12e95
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
