diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-25 22:17:01 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-25 22:17:01 +0100 |
commit | 206a8e3d59bd85bd33c9ed6bc7586f4949af282c (patch) | |
tree | 10fcf2fce3ffad36b04cb69a97a223f865351af6 | |
parent | 8e08b827fa72c3f9a240010aefa99bac511bcc16 (diff) |
Update status for CVE-2021-41270/symfony
-rw-r--r-- | data/CVE/2021.list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 0f858d0515..ff96d12d55 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -6851,6 +6851,8 @@ CVE-2021-41271 (Discourse is a platform for community discussion. In affected ve NOT-FOR-US: Discourse CVE-2021-41270 (Symfony/Serializer handles serializing and deserializing data structur ...) - symfony 4.4.19+dfsg-3 + [buster] - symfony <not-affected> (Vulnerable code and support for csv_escape_formulas introduced in 4.1) + [stretch] - symfony <not-affected> (Vulnerable code and support for csv_escape_formulas introduced in 4.1) NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x NOTE: https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 (v4.4.35) NOTE: https://symfony.com/blog/cve-2021-41270-prevent-csv-injection-via-formulas |