summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-10-15 09:50:42 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-10-15 09:50:42 +0200
commit0a0d3b0a92e3f8bd49b0f56f0df381a46d7ca762 (patch)
tree16c70ecdc2e979b9b9e8bf803a51901cebe0320a
parent75912b30f54a1c1cf4e2f6595d9a6da52be2315e (diff)
Add CVE-2021-3882/ledgersmb
-rw-r--r--data/CVE/list.20214
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index fe07c93bbf..233cb2e7d2 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -273,7 +273,9 @@ CVE-2021-42264
CVE-2021-42263
RESERVED
CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session authoriza ...)
- TODO: check
+ - ledgersmb <not-affected> (Vulnerable code introduced later)
+ NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
+ NOTE: https://ledgersmb.org/content/security-advisory-cve-2021-3882-non-secure-session-cookie
CVE-2021-3881
RESERVED
CVE-2021-3880

© 2014-2021 Faster IT GmbH | imprint | privacy policy