Add CVE-2021-22060 to libspring-java as follow-up to CVE-2021-22096

author: Neil Williams <codehelp@debian.org> 2022-01-25 11:09:41 +0000
committer: Neil Williams <codehelp@debian.org> 2022-01-25 11:09:41 +0000
commit: c8bddadc6c6128aed0a90b31d9abe79d5ea342df (patch)
tree: 9930e3591aa693ef14a97d248e15b0eb700770b2
parent: ed9aee491ec405ea74d81e3cd27bb7583d7d261d (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 6260236a77..494f4bf4ad 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -59648,7 +59648,9 @@ CVE-2021-22062
 CVE-2021-22061
 	RESERVED
 CVE-2021-22060 (In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older ...)
-	TODO: check
+	- libspring-java <unfixed>
+	NOTE: follow-up to CVE-2021-22096
+	NOTE: https://tanzu.vmware.com/security/cve-2021-22060
 CVE-2021-22059
 	RESERVED
 CVE-2021-22058
author	Neil Williams <codehelp@debian.org>	2022-01-25 11:09:41 +0000
committer	Neil Williams <codehelp@debian.org>	2022-01-25 11:09:41 +0000
commit	c8bddadc6c6128aed0a90b31d9abe79d5ea342df (patch)
tree	9930e3591aa693ef14a97d248e15b0eb700770b2
parent	ed9aee491ec405ea74d81e3cd27bb7583d7d261d (diff)