Add references for CVE-2021-41270/symfony

author: Salvatore Bonaccorso <carnil@debian.org> 2021-11-24 20:41:07 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-11-24 20:41:07 +0100
commit: 8ca852dd23ccaa7608bb911001f9a36de59c5e03 (patch)
tree: 99954d8ab9be823f72c37e67685a762eea8233d2
parent: 402cbff25fc59218db09074bc8a93b4c2820fd50 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 9daa403c0c..8d22ad26a8 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -6772,6 +6772,8 @@ CVE-2021-41271 (Discourse is a platform for community discussion. In affected ve
 CVE-2021-41270 [symfony: CVS injection via formulas]
 	RESERVED
 	- symfony 4.4.19+dfsg-3
+	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x
+	NOTE: https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 (4.4.35)
 CVE-2021-41269 (cron-utils is a Java library to define, parse, validate, migrate crons ...)
 	NOT-FOR-US: cron-utils Java library
 CVE-2021-41268
author	Salvatore Bonaccorso <carnil@debian.org>	2021-11-24 20:41:07 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-11-24 20:41:07 +0100
commit	8ca852dd23ccaa7608bb911001f9a36de59c5e03 (patch)
tree	99954d8ab9be823f72c37e67685a762eea8233d2
parent	402cbff25fc59218db09074bc8a93b4c2820fd50 (diff)