summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-11-19 08:27:41 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2021-11-19 08:27:41 +0100
commit8de7e8113565b6022f24f94923e792e550d55120 (patch)
tree1877b4d1d794a3c6240233bf5ee20ddc79b6689a
parentf97af28ff771f4ac3fe2ec9f61965d022a855e34 (diff)
CVEs for roundcube assigned: CVE-2021-44025 and CVE-2021-44026
-rw-r--r--data/CVE/list.20214
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index b7fb5f10d5..699e2cff4c 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -42,12 +42,12 @@ CVE-2021-3976
RESERVED
CVE-2021-3975
RESERVED
-CVE-2021-XXXX [XSS issue in handling attachment filename extension in mimetype mismatch warning]
+CVE-2021-44025 [XSS issue in handling attachment filename extension in mimetype mismatch warning]
- roundcube 1.5.0+dfsg.1-1 (bug #1000156)
NOTE: https://github.com/roundcube/roundcubemail/issues/8193
NOTE: https://github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a (1.4.12)
NOTE: https://github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7 (1.3.17)
-CVE-2021-XXXX [SQL injection via some session variables]
+CVE-2021-44026 [SQL injection via some session variables]
- roundcube 1.5.0+dfsg.1-1 (bug #1000156)
NOTE: https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1 (1.4.12)
NOTE: https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa (1.3.17)

© 2014-2024 Faster IT GmbH | imprint | privacy policy