diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-25 21:59:00 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-25 21:59:00 +0100 |
| commit | 85125a6abcb1e919cafb23566e559f0d55ee2605 (patch) | |
| tree | a1c727f36cb68b85c59157d0f9e79885365466de /data/CVE/2019.list | |
| parent | 3be94676501dc5b5fc8ba0776628ecd4c434a12e (diff) | |
Replace some jenkins specific NFUs to the source package
Diffstat (limited to 'data/CVE/2019.list')
| -rw-r--r-- | data/CVE/2019.list | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index aef807709c..888c00e3d6 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -25949,9 +25949,9 @@ CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism b CVE-2019-11067 RESERVED CVE-2019-1003050 (The f:validateButton form control for the Jenkins UI did not properly ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003049 (Users who cached their CLI authentication before Jenkins was updated t ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-11066 (openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted Open ...) NOT-FOR-US: LightOpenID CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...) @@ -27733,17 +27733,17 @@ CVE-2019-10408 (A cross-site request forgery vulnerability in Jenkins Project In CVE-2019-10407 (Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list ...) NOT-FOR-US: Jenkins plugin CVE-2019-10406 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10405 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value o ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10404 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10403 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10402 (In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:combobox ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10401 (In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandabl ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10400 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 ...) NOT-FOR-US: Jenkins plugin CVE-2019-10399 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 ...) @@ -27777,9 +27777,9 @@ CVE-2019-10386 (A cross-site request forgery vulnerability in Jenkins XL TestVie CVE-2019-10385 (Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted ...) NOT-FOR-US: Jenkins plugin CVE-2019-10384 (Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to ob ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10383 (A stored cross-site scripting vulnerability in Jenkins 2.191 and earli ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10382 (Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SS ...) NOT-FOR-US: Jenkins plugin CVE-2019-10381 (Jenkins Codefresh Integration Plugin 1.8 and earlier disables SSL/TLS ...) @@ -27837,11 +27837,11 @@ CVE-2019-10356 (A sandbox bypass vulnerability in Jenkins Script Security Plugin CVE-2019-10355 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 ...) NOT-FOR-US: Jenkins Script Security Plugin CVE-2019-10354 (A vulnerability in the Stapler web framework used in Jenkins 2.185 and ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10353 (CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10352 (A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176 ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-10351 (Jenkins Caliper CI Plugin stores credentials unencrypted in job config ...) NOT-FOR-US: Jenkins plugin CVE-2019-10350 (Jenkins Port Allocator Plugin stores credentials unencrypted in job co ...) @@ -32894,15 +32894,15 @@ CVE-2019-8952 (A Path Traversal vulnerability located in the webserver affects s CVE-2019-8951 (An Open Redirect vulnerability located in the webserver affects severa ...) NOT-FOR-US: Bosch CVE-2019-1003028 (A server-side request forgery vulnerability exists in Jenkins JMS Mess ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003027 (A server-side request forgery vulnerability exists in Jenkins OctopusD ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003026 (A server-side request forgery vulnerability exists in Jenkins Mattermo ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in Jenkins Cl ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices w ...) NOT-FOR-US: DASAN CVE-2019-8949 @@ -38911,9 +38911,9 @@ CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a me NOTE: https://github.com/OpenSC/OpenSC/commit/0d7967549751b7032f22b437106b41444aff0ba9 (0.20.0-rc1) NOTE: Negligible security impact, assigning a CVE seems out of proportion... CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...) - NOT-FOR-US: Jenkins + - jenkins <removed> CVE-2019-1003002 (A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin ...) NOT-FOR-US: Jenkins plugin CVE-2019-1003001 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 ...) |