[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 16 Nov 2022 00:38:05 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e6e43e84 by Salvatore Bonaccorso at 2022-11-16T09:37:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,15 +11,15 @@ CVE-2022-4008
 CVE-2022-4007
        RESERVED
 CVE-2022-4006 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: WBCE CMS
 CVE-2022-4005
        RESERVED
 CVE-2022-4004
        RESERVED
 CVE-2021-4241 (A vulnerability, which was classified as problematic, was found 
in php ...)
-       TODO: check
+       NOT-FOR-US: phpservermon
 CVE-2021-4240 (A vulnerability, which was classified as problematic, was found 
in php ...)
-       TODO: check
+       NOT-FOR-US: phpservermon
 CVE-2022-45442
        RESERVED
 CVE-2022-45441
@@ -417,51 +417,51 @@ CVE-2022-45403
 CVE-2022-45402 (In Apache Airflow versions prior to 2.4.3, there was an open 
redirect  ...)
        - airflow <itp> (bug #819700)
 CVE-2022-45401 (Jenkins Associated Files Plugin 0.2.1 and earlier does not 
escape name ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Associated Files Plugin
 CVE-2022-45400 (Jenkins JAPEX Plugin 1.7 and earlier does not configure its 
XML parser ...)
-       TODO: check
+       NOT-FOR-US: Jenkins JAPEX Plugin
 CVE-2022-45399 (A missing permission check in Jenkins Cluster Statistics 
Plugin 0.4.6  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Cluster Statistics Plugin
 CVE-2022-45398 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
Cluster S ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Cluster Statistics Plugin
 CVE-2022-45397 (Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and 
earlier does ...)
-       TODO: check
+       NOT-FOR-US: Jenkins OSF Builder Suite : : XML Linter Plugin
 CVE-2022-45396 (Jenkins SourceMonitor Plugin 0.2 and earlier does not 
configure its XM ...)
-       TODO: check
+       NOT-FOR-US: Jenkins SourceMonitor Plugin
 CVE-2022-45395 (Jenkins CCCC Plugin 0.6 and earlier does not configure its XML 
parser  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins CCCC Plugin
 CVE-2022-45394 (A missing permission check in Jenkins Delete log Plugin 1.0 
and earlie ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Delete log Plugin
 CVE-2022-45393 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
Delete lo ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Delete log Plugin
 CVE-2022-45392 (Jenkins NS-ND Integration Performance Publisher Plugin 
4.8.0.143 and e ...)
-       TODO: check
+       NOT-FOR-US: Jenkins NS-ND Integration Performance Publisher Plugin
 CVE-2022-45391 (Jenkins NS-ND Integration Performance Publisher Plugin 
4.8.0.143 and e ...)
-       TODO: check
+       NOT-FOR-US: Jenkins NS-ND Integration Performance Publisher Plugin
 CVE-2022-45390 (A missing permission check in Jenkins loader.io Plugin 1.0.1 
and earli ...)
-       TODO: check
+       NOT-FOR-US: Jenkins loader.io Plugin
 CVE-2022-45389 (A missing permission check in Jenkins XP-Dev Plugin 1.0 and 
earlier al ...)
-       TODO: check
+       NOT-FOR-US: Jenkins XP-Dev Plugin
 CVE-2022-45388 (Jenkins Config Rotator Plugin 2.0.1 and earlier does not 
restrict a fi ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Config Rotator Plugin
 CVE-2022-45387 (Jenkins BART Plugin 1.0.3 and earlier does not escape the 
parsed conte ...)
-       TODO: check
+       NOT-FOR-US: Jenkins BART Plugin
 CVE-2022-45386 (Jenkins Violations Plugin 0.7.11 and earlier does not 
configure its XM ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Violations Plugin
 CVE-2022-45385 (A missing permission check in Jenkins CloudBees Docker 
Hub/Registry No ...)
-       TODO: check
+       NOT-FOR-US: CloudBees Docker Hub/Registry Notification Plugin
 CVE-2022-45384 (Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the 
LDAP ma ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Reverse Proxy Auth Plugin
 CVE-2022-45383 (An incorrect permission check in Jenkins Support Core Plugin 
1206.v140 ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Support Core Plugin
 CVE-2022-45382 (Jenkins Naginator Plugin 1.18.1 and earlier does not escape 
display na ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Naginator Plugin
 CVE-2022-45381 (Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does 
not rest ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Pipeline Utility Steps Plugin
 CVE-2022-45380 (Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts 
HTTP(S)  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins JUnit Plugin
 CVE-2022-45379 (Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and 
earlier store ...)
-       TODO: check
+       NOT-FOR-US: Jenkins Script Security Plugin
 CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration 
of Apache ...)
        NOT-FOR-US: Apache SOAP
 CVE-2022-45377



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e43e840c8c5279823dbdce3619ef694dafed76

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e43e840c8c5279823dbdce3619ef694dafed76
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to