diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-16 10:39:27 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-16 10:39:27 +0100 |
| commit | dcd5781f0b636073ca40939c90f0e20b48f02327 (patch) | |
| tree | 5a3643167a4c336c469d96b4334d44d5bc8f6f96 | |
| parent | f1dc32f41fd1bd543a84204a0d30b3223ec3f3c1 (diff) | |
new laravel issue
| -rw-r--r-- | data/CVE/list.2021 | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index d187883d57..ba10c3f458 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -315,7 +315,8 @@ CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 ha NOTE: https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e CVE-2021-43617 (Laravel Framework through 8.70.2 does not sufficiently block the uploa ...) - TODO: check + - php-laravel-framework <unfixed> + NOTE: https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b CVE-2021-3957 RESERVED CVE-2021-43616 (The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an i ...) |