automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-09-01 20:10:30 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-09-01 20:10:30 +0000
commit: f2b39cd468d17f420f0030dda5a8e6d506831c4a (patch)
tree: 0325f73057cbfb539e0fa805aac50eb8d6e32059 /data
parent: 03721f95d8823fdc6520208f633d2ef57a4a0182 (diff)
4 files changed, 160 insertions, 160 deletions
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 21749206b1..de99c4810d 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -8458,18 +8458,18 @@ CVE-2012-3343 (Cross-site request forgery (CSRF) vulnerability in Microdasys bef
 CVE-2012-3342 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-3341
-	RESERVED
-CVE-2012-3340
-	RESERVED
+CVE-2012-3341 (IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross ...)
+	TODO: check
+CVE-2012-3340 (IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML extern ...)
+	TODO: check
 CVE-2012-3339
 	RESERVED
-CVE-2012-3338
-	RESERVED
-CVE-2012-3337
-	RESERVED
-CVE-2012-3336
-	RESERVED
+CVE-2012-3338 (IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attack ...)
+	TODO: check
+CVE-2012-3337 (IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attack ...)
+	TODO: check
+CVE-2012-3336 (IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL inject ...)
+	TODO: check
 CVE-2012-3335
 	RESERVED
 CVE-2012-3334 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index ec4b8c0598..edba4affae 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -23188,8 +23188,8 @@ CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Ope
 	NOTE: https://github.com/openSUSE/obs-service-refresh_patches/commit/d6244245dda5367767efc989446fe4b5e4609cce
 CVE-2018-12476 (Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE L ...)
 	NOT-FOR-US: obs-service-tar_scm
-CVE-2018-12475
-	RESERVED
+CVE-2018-12475 (A Externally Controlled Reference to a Resource in Another Sphere vuln ...)
+	TODO: check
 CVE-2018-12474 (Improper input validation in obs-service-tar_scm of Open Build Service ...)
 	NOT-FOR-US: obs-service-tar_scm of Open Build Service
 CVE-2018-12473 (A path traversal traversal vulnerability in obs-service-tar_scm of Ope ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index c413665074..0592e4c0a2 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -40838,8 +40838,8 @@ CVE-2019-5647 (The Chrome Plugin for Rapid7 AppSpider can incorrectly keep brows
 	NOT-FOR-US: Chrome Plugin for Rapid7 AppSpider
 CVE-2019-5646
 	RESERVED
-CVE-2019-5645
-	RESERVED
+CVE-2019-5645 (By sending a specially crafted HTTP GET request to a listening Rapid7  ...)
+	TODO: check
 CVE-2019-5644 (Computing For Good's Basic Laboratory Information System (also known a ...)
 	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5643 (Computing For Good's Basic Laboratory Information System (also known a ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 8866fe1008..dc390aaff1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,5 @@
+CVE-2020-25068
+	RESERVED
 CVE-2020-25067 (NETGEAR R8300 devices before 1.0.2.134 are affected by command injecti ...)
 	NOT-FOR-US: Netgear
 CVE-2020-25066
@@ -980,15 +982,13 @@ CVE-2020-24585 (An issue was discovered in the DTLS handshake implementation in
 	- wolfssl <unfixed>
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/3219
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/3be7f3ea3a56d178acf0f7f84ee4ae8cbfee8915 (v4.5.0-stable)
-CVE-2020-24584
-	RESERVED
+CVE-2020-24584 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...)
 	- python-django 2:2.2.16-1 (bug #969367)
 	NOTE: https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a71 (master)
 	NOTE: https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b (3.1.1)
 	NOTE: https://github.com/django/django/commit/cdb367c92a0ba72ddc0cbd13ff42b0e6df709554 (3.0.10)
 	NOTE: https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f (2.2.16)
-CVE-2020-24583
-	RESERVED
+CVE-2020-24583 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...)
 	- python-django 2:2.2.16-1 (bug #969367)
 	NOTE: https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9 (master)
 	NOTE: https://github.com/django/django/commit/934430d22aa5d90c2ba33495ff69a6a1d997d584 (3.1.1)
@@ -1040,14 +1040,14 @@ CVE-2020-24561
 	RESERVED
 CVE-2020-24560
 	RESERVED
-CVE-2020-24559
-	RESERVED
-CVE-2020-24558
-	RESERVED
-CVE-2020-24557
-	RESERVED
-CVE-2020-24556
-	RESERVED
+CVE-2020-24559 (A vulnerability in Trend Micro Apex One on macOS may allow an attacker ...)
+	TODO: check
+CVE-2020-24558 (A vulnerability in an Trend Micro Apex One dll may allow an attacker t ...)
+	TODO: check
+CVE-2020-24557 (A vulnerability in Trend Micro Apex One on Microsoft Windows may allow ...)
+	TODO: check
+CVE-2020-24556 (A vulnerability in Trend Micro Apex One and OfficeScan XG SP1 on Micro ...)
+	TODO: check
 CVE-2020-24614 (Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ...)
 	- fossil 1:2.12.1-1
 	[buster] - fossil <no-dsa> (Minor issue)
@@ -1056,8 +1056,8 @@ CVE-2020-24614 (Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.
 	NOTE: https://fossil-scm.org/fossil/vdiff?branch=sec2020-2.12-patch&diff=1&w
 CVE-2020-24555
 	RESERVED
-CVE-2020-24554
-	RESERVED
+CVE-2020-24554 (The redirect module in Liferay Portal before 7.3.3 does not limit the  ...)
+	TODO: check
 CVE-2020-24553
 	RESERVED
 CVE-2020-24552
@@ -2146,8 +2146,8 @@ CVE-2020-24036
 	RESERVED
 CVE-2020-24035
 	RESERVED
-CVE-2020-24034
-	RESERVED
+CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecu ...)
+	TODO: check
 CVE-2020-24033
 	RESERVED
 CVE-2020-24032 (tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cm ...)
@@ -2272,8 +2272,8 @@ CVE-2020-23973 (KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'te
 	NOT-FOR-US: KandNconcepts Club CMS
 CVE-2020-23972 (In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can  ...)
 	NOT-FOR-US: Joomla Component GMapFP
-CVE-2020-23971
-	RESERVED
+CVE-2020-23971 (gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Pe ...)
+	TODO: check
 CVE-2020-23970
 	RESERVED
 CVE-2020-23969
@@ -2536,28 +2536,28 @@ CVE-2020-23841
 	RESERVED
 CVE-2020-23840
 	RESERVED
-CVE-2020-23839
-	RESERVED
+CVE-2020-23839 (A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS  ...)
+	TODO: check
 CVE-2020-23838
 	RESERVED
 CVE-2020-23837
 	RESERVED
-CVE-2020-23836
-	RESERVED
-CVE-2020-23835
-	RESERVED
+CVE-2020-23836 (A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in  ...)
+	TODO: check
+CVE-2020-23835 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php  ...)
+	TODO: check
 CVE-2020-23834
 	RESERVED
 CVE-2020-23833
 	RESERVED
 CVE-2020-23832
 	RESERVED
-CVE-2020-23831
-	RESERVED
+CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php  ...)
+	TODO: check
 CVE-2020-23830
 	RESERVED
-CVE-2020-23829
-	RESERVED
+CVE-2020-23829 (interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suff ...)
+	TODO: check
 CVE-2020-23828
 	RESERVED
 CVE-2020-23827
@@ -3314,8 +3314,8 @@ CVE-2020-23452
 	RESERVED
 CVE-2020-23451
 	RESERVED
-CVE-2020-23450
-	RESERVED
+CVE-2020-23450 (Spiceworks Version &lt;= 7.5.00107 is affected by XSS. Any name typed  ...)
+	TODO: check
 CVE-2020-23449
 	RESERVED
 CVE-2020-23448
@@ -15432,8 +15432,8 @@ CVE-2020-17407
 	RESERVED
 CVE-2020-17406
 	RESERVED
-CVE-2020-17405
-	RESERVED
+CVE-2020-17405 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
 CVE-2020-17404 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit
 CVE-2020-17403 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -20421,8 +20421,8 @@ CVE-2020-15152 (ftp-srv versions 1.0.0 through 4.3.3 are vulnerable to Server-Si
 	NOT-FOR-US: Node ftp-srv
 CVE-2020-15151 (OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to cir ...)
 	NOT-FOR-US: OpenMage
-CVE-2020-15150
-	RESERVED
+CVE-2020-15150 (There is a vulnerability in Paginator (Elixir/Hex package) which makes ...)
+	TODO: check
 CVE-2020-15149 (NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in ...)
 	NOT-FOR-US: NodeBB
 CVE-2020-15148
@@ -21818,8 +21818,8 @@ CVE-2020-14516
 	RESERVED
 CVE-2020-14515
 	RESERVED
-CVE-2020-14514
-	RESERVED
+CVE-2020-14514 (All trailer Power Line Communications are affected. PLC bus traffic ca ...)
+	TODO: check
 CVE-2020-14513
 	RESERVED
 CVE-2020-14512 (GateManager versions prior to 9.2c, The affected product uses a weak h ...)
@@ -26091,8 +26091,8 @@ CVE-2020-12778 (Combodo iTop does not validate inputted parameters, attackers ca
 	NOT-FOR-US: Combodo iTop
 CVE-2020-12777 (A function in Combodo iTop contains a vulnerability of Broken Access C ...)
 	NOT-FOR-US: Combodo iTop
-CVE-2020-12776
-	RESERVED
+CVE-2020-12776 (Openfind Mail2000 contains Broken Access Control vulnerability, which  ...)
+	TODO: check
 CVE-2020-12775
 	RESERVED
 CVE-2020-12774 (D-Link DSL-7740C does not properly validate user input, which allows a ...)
@@ -37736,8 +37736,8 @@ CVE-2020-8025 (A Incorrect Execution-Assigned Permissions vulnerability in the p
 	NOT-FOR-US: SAP
 CVE-2020-8024 (A Incorrect Default Permissions vulnerability in the packaging of hyla ...)
 	- hylafax <not-affected> (SuSE-specific packaging issue)
-CVE-2020-8023
-	RESERVED
+CVE-2020-8023 (A acceptance of Extraneous Untrusted Data With Trusted Data vulnerabil ...)
+	TODO: check
 CVE-2020-8022 (A Incorrect Default Permissions vulnerability in the packaging of tomc ...)
 	NOT-FOR-US: SAP
 CVE-2020-8021 (a Improper Access Control vulnerability in of Open Build Service allow ...)
@@ -38382,36 +38382,36 @@ CVE-2020-7729
 	RESERVED
 CVE-2020-7728
 	RESERVED
-CVE-2020-7727
-	RESERVED
-CVE-2020-7726
-	RESERVED
-CVE-2020-7725
-	RESERVED
-CVE-2020-7724
-	RESERVED
-CVE-2020-7723
-	RESERVED
-CVE-2020-7722
-	RESERVED
-CVE-2020-7721
-	RESERVED
-CVE-2020-7720
-	RESERVED
-CVE-2020-7719
-	RESERVED
-CVE-2020-7718
-	RESERVED
-CVE-2020-7717
-	RESERVED
-CVE-2020-7716
-	RESERVED
-CVE-2020-7715
-	RESERVED
-CVE-2020-7714
-	RESERVED
-CVE-2020-7713
-	RESERVED
+CVE-2020-7727 (All versions of package gedi are vulnerable to Prototype Pollution via ...)
+	TODO: check
+CVE-2020-7726 (All versions of package safe-object2 are vulnerable to Prototype Pollu ...)
+	TODO: check
+CVE-2020-7725 (All versions of package worksmith are vulnerable to Prototype Pollutio ...)
+	TODO: check
+CVE-2020-7724 (All versions of package tiny-conf are vulnerable to Prototype Pollutio ...)
+	TODO: check
+CVE-2020-7723 (All versions of package promisehelpers are vulnerable to Prototype Pol ...)
+	TODO: check
+CVE-2020-7722 (All versions of package nodee-utils are vulnerable to Prototype Pollut ...)
+	TODO: check
+CVE-2020-7721 (All versions of package node-oojs are vulnerable to Prototype Pollutio ...)
+	TODO: check
+CVE-2020-7720 (All versions of package node-forge are vulnerable to Prototype Polluti ...)
+	TODO: check
+CVE-2020-7719 (All versions of package locutus are vulnerable to Prototype Pollution  ...)
+	TODO: check
+CVE-2020-7718 (All versions of package gammautils are vulnerable to Prototype Polluti ...)
+	TODO: check
+CVE-2020-7717 (All versions of package dot-notes are vulnerable to Prototype Pollutio ...)
+	TODO: check
+CVE-2020-7716 (All versions of package deeps are vulnerable to Prototype Pollution vi ...)
+	TODO: check
+CVE-2020-7715 (All versions of package deep-get-set are vulnerable to Prototype Pollu ...)
+	TODO: check
+CVE-2020-7714 (All versions of package confucious are vulnerable to Prototype Polluti ...)
+	TODO: check
+CVE-2020-7713 (All versions of package arr-flatten-unflatten are vulnerable to Protot ...)
+	TODO: check
 CVE-2020-7712 (This affects the package json before 10.0.0. It is possible to inject  ...)
 	TODO: check
 CVE-2020-7711 (This affects all versions of package github.com/russellhaering/goxmlds ...)
@@ -38514,17 +38514,17 @@ CVE-2020-7671 (goliath through 1.0.6 allows request smuggling attacks where goli
 	NOT-FOR-US: Ruby gem goliath
 CVE-2020-7670 (agoo through 2.12.3 allows request smuggling attacks where agoo is use ...)
 	NOT-FOR-US: Ruby gem agoo
-CVE-2020-7669
-	RESERVED
+CVE-2020-7669 (This affects all versions of package github.com/u-root/u-root/pkg/taru ...)
+	TODO: check
 CVE-2020-7668 (In all versions of the package github.com/unknwon/cae/tz, the ExtractT ...)
 	- golang-github-unknwon-cae <removed> (bug #967956)
 	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMUNKNWONCAETZ-570384
 CVE-2020-7667 (In package github.com/sassoftware/go-rpmutils/cpio before version 0.1. ...)
 	NOT-FOR-US: github.com/sassoftware/go-rpmutils/cpio go module
-CVE-2020-7666
-	RESERVED
-CVE-2020-7665
-	RESERVED
+CVE-2020-7666 (This affects all versions of package github.com/u-root/u-root/pkg/cpio ...)
+	TODO: check
+CVE-2020-7665 (This affects all versions of package github.com/u-root/u-root/pkg/uzip ...)
+	TODO: check
 CVE-2020-7664 (In all versions of the package github.com/unknwon/cae/zip, the Extract ...)
 	- golang-github-unknwon-cae <removed> (bug #967955)
 	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMUNKNWONCAEZIP-570383
@@ -42366,8 +42366,8 @@ CVE-2020-6143
 	RESERVED
 CVE-2020-6142
 	RESERVED
-CVE-2020-6141
-	RESERVED
+CVE-2020-6141 (An exploitable SQL injection vulnerability exists in the login functio ...)
+	TODO: check
 CVE-2020-6140
 	RESERVED
 CVE-2020-6139
@@ -42376,46 +42376,46 @@ CVE-2020-6138
 	RESERVED
 CVE-2020-6137
 	RESERVED
-CVE-2020-6136
-	RESERVED
-CVE-2020-6135
-	RESERVED
-CVE-2020-6134
-	RESERVED
-CVE-2020-6133
-	RESERVED
-CVE-2020-6132
-	RESERVED
-CVE-2020-6131
-	RESERVED
-CVE-2020-6130
-	RESERVED
-CVE-2020-6129
-	RESERVED
-CVE-2020-6128
-	RESERVED
-CVE-2020-6127
-	RESERVED
-CVE-2020-6126
-	RESERVED
-CVE-2020-6125
-	RESERVED
-CVE-2020-6124
-	RESERVED
-CVE-2020-6123
-	RESERVED
-CVE-2020-6122
-	RESERVED
-CVE-2020-6121
-	RESERVED
-CVE-2020-6120
-	RESERVED
-CVE-2020-6119
-	RESERVED
-CVE-2020-6118
-	RESERVED
-CVE-2020-6117
-	RESERVED
+CVE-2020-6136 (An exploitable SQL injection vulnerability exists in the DownloadWindo ...)
+	TODO: check
+CVE-2020-6135 (An exploitable SQL injection vulnerability exists in the Validator.php ...)
+	TODO: check
+CVE-2020-6134 (SQL injection vulnerabilities exist in the ID parameters of OS4Ed open ...)
+	TODO: check
+CVE-2020-6133 (SQL injection vulnerabilities exist in the ID parameters of OS4Ed open ...)
+	TODO: check
+CVE-2020-6132 (SQL injection vulnerability exists in the ID parameters of OS4Ed openS ...)
+	TODO: check
+CVE-2020-6131 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
+	TODO: check
+CVE-2020-6130 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
+	TODO: check
+CVE-2020-6129 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
+	TODO: check
+CVE-2020-6128 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
+	TODO: check
+CVE-2020-6127 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
+	TODO: check
+CVE-2020-6126 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
+	TODO: check
+CVE-2020-6125 (An exploitable SQL injection vulnerability exists in the GetSchool.php ...)
+	TODO: check
+CVE-2020-6124 (An exploitable sql injection vulnerability exists in the email paramet ...)
+	TODO: check
+CVE-2020-6123 (An exploitable sql injection vulnerability exists in the email paramet ...)
+	TODO: check
+CVE-2020-6122 (SQL injection vulnerability exists in the CheckDuplicateStudent.php pa ...)
+	TODO: check
+CVE-2020-6121 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
+	TODO: check
+CVE-2020-6120 (SQL injection vulnerability exists in the CheckDuplicateStudent.php pa ...)
+	TODO: check
+CVE-2020-6119 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
+	TODO: check
+CVE-2020-6118 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
+	TODO: check
+CVE-2020-6117 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
+	TODO: check
 CVE-2020-6116
 	RESERVED
 CVE-2020-6115
@@ -50742,34 +50742,34 @@ CVE-2020-2253
 	RESERVED
 CVE-2020-2252
 	RESERVED
-CVE-2020-2251
-	RESERVED
-CVE-2020-2250
-	RESERVED
-CVE-2020-2249
-	RESERVED
-CVE-2020-2248
-	RESERVED
-CVE-2020-2247
-	RESERVED
-CVE-2020-2246
-	RESERVED
-CVE-2020-2245
-	RESERVED
-CVE-2020-2244
-	RESERVED
-CVE-2020-2243
-	RESERVED
-CVE-2020-2242
-	RESERVED
-CVE-2020-2241
-	RESERVED
-CVE-2020-2240
-	RESERVED
-CVE-2020-2239
-	RESERVED
-CVE-2020-2238
-	RESERVED
+CVE-2020-2251 (Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits ...)
+	TODO: check
+CVE-2020-2250 (Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores pr ...)
+	TODO: check
+CVE-2020-2249 (Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a web ...)
+	TODO: check
+CVE-2020-2248 (Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code ...)
+	TODO: check
+CVE-2020-2247 (Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configu ...)
+	TODO: check
+CVE-2020-2246 (Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Va ...)
+	TODO: check
+CVE-2020-2245 (Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML pa ...)
+	TODO: check
+CVE-2020-2244 (Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not esca ...)
+	TODO: check
+CVE-2020-2243 (Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape buil ...)
+	TODO: check
+CVE-2020-2242 (A missing permission check in Jenkins database Plugin 1.6 and earlier  ...)
+	TODO: check
+CVE-2020-2241 (A cross-site request forgery (CSRF) vulnerability in Jenkins database  ...)
+	TODO: check
+CVE-2020-2240 (A cross-site request forgery (CSRF) vulnerability in Jenkins database  ...)
+	TODO: check
+CVE-2020-2239 (Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a ...)
+	TODO: check
+CVE-2020-2238 (Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the re ...)
+	TODO: check
 CVE-2020-2237 (A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Tes ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2020-2236 (Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not  ...)
author	security tracker role <sectracker@soriano.debian.org>	2020-09-01 20:10:30 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-09-01 20:10:30 +0000
commit	f2b39cd468d17f420f0030dda5a8e6d506831c4a (patch)
tree	0325f73057cbfb539e0fa805aac50eb8d6e32059 /data
parent	03721f95d8823fdc6520208f633d2ef57a4a0182 (diff)