diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-18 20:55:49 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-18 20:55:49 +0100 |
commit | 61c899774b57bfb9bedea91cd24a2047b554a1a7 (patch) | |
tree | 14574db851ba73bcff6b0c796bb5458bf68436fa | |
parent | 371ad5148ea53b07863b36b86fe6590bf0f00df5 (diff) |
Track two new rouncube issues
-rw-r--r-- | data/CVE/2021.list | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index db0083ec6f..1ff37ef5b8 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,12 @@ +CVE-2021-XXXX [XSS issue in handling attachment filename extension in mimetype mismatch warning] + - roundcube 1.5.0+dfsg.1-1 (bug #1000156) + NOTE: https://github.com/roundcube/roundcubemail/issues/8193 + NOTE: https://github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a (1.4.12) + NOTE: https://github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7 (1.3.17) +CVE-2021-XXXX [SQL injection via some session variables] + - roundcube 1.5.0+dfsg.1-1 (bug #1000156) + NOTE: https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1 (1.4.12) + NOTE: https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa (1.3.17) CVE-2021-43998 RESERVED CVE-2021-43997 (Amazon FreeRTOS 10.2.0 through 10.4.5 on the ARMv7-M and ARMv8-M MPU p ...) |