Add CVE-2021-41136/puma

author: Salvatore Bonaccorso <carnil@debian.org> 2021-10-12 22:41:28 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-10-12 22:41:28 +0200
commit: d35db90a36f9e1d9cb35565e44db899c1c367aa3 (patch)
tree: 07b7a9deb2e7e3d5278fc68999f8d90121797d8a /data
parent: 0a9860249252e2688f6b6a3a9d0a337144ba5a55 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 34dc7059cf..9199c4d67a 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -2659,7 +2659,9 @@ CVE-2021-41138
 CVE-2021-41137
 	RESERVED
 CVE-2021-41136 (Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to version ...)
-	TODO: check
+	- puma <unfixed>
+	NOTE: https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx
+	NOTE: https://github.com/puma/puma/commit/acdc3ae571dfae0e045cf09a295280127db65c7f
 CVE-2021-41135
 	RESERVED
 CVE-2021-41134
author	Salvatore Bonaccorso <carnil@debian.org>	2021-10-12 22:41:28 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-10-12 22:41:28 +0200
commit	d35db90a36f9e1d9cb35565e44db899c1c367aa3 (patch)
tree	07b7a9deb2e7e3d5278fc68999f8d90121797d8a /data
parent	0a9860249252e2688f6b6a3a9d0a337144ba5a55 (diff)