diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:44:04 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-02 15:44:04 +0100 |
commit | 208be140b248916a718c25c71f2373dbc2e4156b (patch) | |
tree | cb295cdd8ede8ffd48ca57c950f31b72d7eb139d | |
parent | 181a966ceba9e663659532072ab482994dbed543 (diff) |
Mark CVE-2021-43617 as no-dsa
-rw-r--r-- | data/CVE/2021.list | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index e52a30a678..6bffa2d346 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -5937,6 +5937,7 @@ CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 ha NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e CVE-2021-43617 (Laravel Framework through 8.70.2 does not sufficiently block the uploa ...) - php-laravel-framework 6.20.14+dfsg-3 + [bullseye] - php-laravel-framework <no-dsa> (Can be fixed via point release) NOTE: https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b CVE-2021-3957 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...) NOT-FOR-US: kimai2 |