[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
499fa8b0 by Salvatore Bonaccorso at 2022-04-14T06:39:43+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -217,7 +217,7 @@ CVE-2022-1341
 CVE-2022-1340
 	RESERVED
 CVE-2022-1339 (SQL injection in ElementController.php in GitHub repository pimcore/pi ...)
-	TODO: check
+	NOT-FOR-US: pimcore
 CVE-2022-1338
 	RESERVED
 CVE-2022-1337 (The image proxy component in Mattermost version 6.4.1 and earlier allo ...)
@@ -229,7 +229,7 @@ CVE-2022-1335
 CVE-2022-1334
 	RESERVED
 CVE-2022-1333 (Mattermost Playbooks plugin v1.24.0 and earlier fails to properly chec ...)
-	TODO: check
+	NOT-FOR-US: Mattermost Playbooks plugin
 CVE-2015-20107 (In Python (aka CPython) through 3.10.4, the mailcap module does not ad ...)
 	TODO: check
 CVE-2022-29157
@@ -481,39 +481,39 @@ CVE-2022-29054
 CVE-2022-29053
 	RESERVED
 CVE-2022-29052 (Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores private  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29051 (Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29050 (A cross-site request forgery (CSRF) vulnerability in Jenkins Publish O ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29049 (Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29048 (A cross-site request forgery (CSRF) vulnerability in Jenkins Subversio ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29047 (Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29046 (Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29045 (Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29044 (Jenkins Node and Label parameter Plugin 1.10.3 and earlier does not es ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29043 (Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29042 (Jenkins Job Generator Plugin 1.22 and earlier does not escape the name ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29041 (Jenkins Jira Plugin 3.7 and earlier, except 3.6.1, does not escape the ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29040 (Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the na ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29039 (Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the n ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29038 (Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlie ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29037 (Jenkins CVS Plugin 2.19 and earlier does not escape the name and descr ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29036 (Jenkins Credentials Plugin 1111.v35a_307992395 and earlier, except 108 ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2022-29035 (In JetBrains Ktor Native before version 2.0.0 random values used for n ...)
 	NOT-FOR-US: JetBrains Ktor
 CVE-2022-29034



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499fa8b06ec461fd7b63083e3af20eafaba12e95

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/499fa8b06ec461fd7b63083e3af20eafaba12e95
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/565207b0/attachment.htm>