From b111ac867a67e143baf9b8b687c719d434560509 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 22 Jun 2022 22:36:01 +0200 Subject: Process some NFUs --- data/CVE/list | 80 +++++++++++++++++++++++++++++------------------------------ 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index eb0ddcff0a..efc7e9660b 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -62,7 +62,7 @@ CVE-2022-34298 (The NT auth module in OpenAM before 14.6.6 allows a "replace Sam CVE-2022-34297 RESERVED CVE-2022-34296 (In Zalando Skipper before 0.13.218, a query predicate could be bypasse ...) - TODO: check + NOT-FOR-US: Zalando Skipper CVE-2022-34295 (totd before 1.5.3 does not properly randomize mesg IDs. ...) TODO: check CVE-2022-34294 @@ -126,7 +126,7 @@ CVE-2022-2176 CVE-2022-2175 RESERVED CVE-2022-2174 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...) - TODO: check + NOT-FOR-US: microweber CVE-2022-2173 RESERVED CVE-2022-2172 @@ -256,81 +256,81 @@ CVE-2022-34215 CVE-2022-34214 RESERVED CVE-2022-34213 (Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34212 (A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34211 (A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34210 (A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earli ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34209 (A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34208 (A missing permission check in Jenkins Beaker builder Plugin 1.10 and e ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34207 (A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker bu ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34206 (A missing permission check in Jenkins Jianliao Notification Plugin 1.1 ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34205 (A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34204 (A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier al ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34203 (A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Pl ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34202 (Jenkins EasyQA Plugin 1.0 and earlier stores user passwords unencrypte ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34201 (A missing permission check in Jenkins Convertigo Mobile Platform Plugi ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34200 (A cross-site request forgery (CSRF) vulnerability in Jenkins Convertig ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34199 (Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passw ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34198 (Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escap ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34197 (Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape the na ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34196 (Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape t ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34195 (Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34194 (Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape th ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34193 (Jenkins Package Version Plugin 1.0.1 and earlier does not escape the n ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34192 (Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the n ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34191 (Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and ea ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34190 (Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and ear ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34189 (Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape th ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34188 (Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34187 (Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not es ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34186 (Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier doe ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34185 (Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the na ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34184 (Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not e ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34183 (Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34182 (Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34181 (Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controll ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34180 (Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not corr ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34179 (Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specif ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34178 (Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34177 (Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier a ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34176 (Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2022-34175 (Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some ...) TODO: check CVE-2022-34174 (In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable t ...) -- cgit v1.2.3