CVE-2021-41164,CVE-2021-41165/ckeditor bug #999909

author: Neil Williams <codehelp@debian.org> 2021-11-18 10:47:57 +0000
committer: Neil Williams <codehelp@debian.org> 2021-11-18 10:48:21 +0000
commit: ff2be5019977b2efdc785f8b5e0f6666b37c2a1f (patch)
tree: 07781689105a9f26184b162ad75e58174ad328e9
parent: fb1c7951c39870e869ee5912ba99d52d9f374a6f (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 9a8f4cca65..db0083ec6f 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -6470,9 +6470,11 @@ CVE-2021-41167 (modern-async is an open source JavaScript tooling library for as
 CVE-2021-41166
 	RESERVED
 CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...)
-	TODO: check
+	- ckeditor <unfixed> (bug #999909)
+	NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2 (v4.17.0)
 CVE-2021-41164 (CKEditor4 is an open source WYSIWYG HTML editor. In affected versions  ...)
-	TODO: check
+	- ckeditor <unfixed> (bug #999909)
+	NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj (v4.17.0)
 CVE-2021-41163 (Discourse is an open source platform for community discussion. In affe ...)
 	NOT-FOR-US: Discourse
 CVE-2021-41162
author	Neil Williams <codehelp@debian.org>	2021-11-18 10:47:57 +0000
committer	Neil Williams <codehelp@debian.org>	2021-11-18 10:48:21 +0000
commit	ff2be5019977b2efdc785f8b5e0f6666b37c2a1f (patch)
tree	07781689105a9f26184b162ad75e58174ad328e9
parent	fb1c7951c39870e869ee5912ba99d52d9f374a6f (diff)