diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-18 20:55:49 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-18 20:55:49 +0100 |
commit | 7067660884bb78f664992cfe8c691b478a22b195 (patch) | |
tree | 1f340378c7fea66a7511decd232f707056a8f836 /data/CVE/list.2021 | |
parent | 8ab7bd933e7631e761f794b86c721985f7f6783b (diff) |
Track two new rouncube issues
Diffstat (limited to 'data/CVE/list.2021')
-rw-r--r-- | data/CVE/list.2021 | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index db0083ec6f..1ff37ef5b8 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,12 @@ +CVE-2021-XXXX [XSS issue in handling attachment filename extension in mimetype mismatch warning] + - roundcube 1.5.0+dfsg.1-1 (bug #1000156) + NOTE: https://github.com/roundcube/roundcubemail/issues/8193 + NOTE: https://github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a (1.4.12) + NOTE: https://github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7 (1.3.17) +CVE-2021-XXXX [SQL injection via some session variables] + - roundcube 1.5.0+dfsg.1-1 (bug #1000156) + NOTE: https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1 (1.4.12) + NOTE: https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa (1.3.17) CVE-2021-43998 RESERVED CVE-2021-43997 (Amazon FreeRTOS 10.2.0 through 10.4.5 on the ARMv7-M and ARMv8-M MPU p ...) |