summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2022-01-02 16:07:45 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2022-01-02 16:07:45 +0100
commite23358e33430e680096b575c316b3e2a4569879f (patch)
treef037d64e473a2a0f54fc4942df71902c87400a27
parentdc0f2067b6a4b864f98b0d3a8f2aec91602f9b30 (diff)
Add Debian bug reference for CVE-2021-43617
Diffstat
-rw-r--r--data/CVE/2021.list2
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index fecfb509fb..3a1c5305ab 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -5936,7 +5936,7 @@ CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 ha
NOTE: https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
CVE-2021-43617 (Laravel Framework through 8.70.2 does not sufficiently block the uploa ...)
- - php-laravel-framework 6.20.14+dfsg-3
+ - php-laravel-framework 6.20.14+dfsg-3 (bug #1002728)
[bullseye] - php-laravel-framework <no-dsa> (Can be fixed via point release)
NOTE: https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b
CVE-2021-3957 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy