Add three new python-django CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-04 13:30:56 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-04 13:30:56 +0100
commit: 97e4775fafb0c0a1db168f30603085d7253222b9 (patch)
tree: 98ab9a010915ae1244c22d5d4078ed43dbc6615c
parent: 059da60857e5c27b94322ee0a79216bc75740c9e (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index d389b6bbb0..f1a164712b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1664,8 +1664,10 @@ CVE-2021-45454
 	RESERVED
 CVE-2021-45453
 	RESERVED
-CVE-2021-45452
+CVE-2021-45452 [Potential directory-traversal via Storage.save()]
 	RESERVED
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 CVE-2021-4150 [Block subsystem mishandles reference counts]
 	RESERVED
 	- linux 5.15.3-1
@@ -2432,10 +2434,14 @@ CVE-2021-45118
 	RESERVED
 CVE-2021-45117
 	RESERVED
-CVE-2021-45116
+CVE-2021-45116 [Potential information disclosure in dictsort template filter]
 	RESERVED
-CVE-2021-45115
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
+CVE-2021-45115 [Denial-of-service possibility in UserAttributeSimilarityValidator]
 	RESERVED
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 CVE-2021-45106
 	RESERVED
 CVE-2021-44463
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-04 13:30:56 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-04 13:30:56 +0100
commit	97e4775fafb0c0a1db168f30603085d7253222b9 (patch)
tree	98ab9a010915ae1244c22d5d4078ed43dbc6615c
parent	059da60857e5c27b94322ee0a79216bc75740c9e (diff)