[Secure-testing-commits] r39170 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 25 21:21:28 UTC 2016
Author: carnil
Date: 2016-01-25 21:21:28 +0000 (Mon, 25 Jan 2016)
New Revision: 39170
Modified:
data/CVE/list
Log:
Add CVE-2015-7578/ruby-rails-html-sanitizer
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-25 21:19:12 UTC (rev 39169)
+++ data/CVE/list 2016-01-25 21:21:28 UTC (rev 39170)
@@ -8457,8 +8457,10 @@
RESERVED
CVE-2015-7579
RESERVED
-CVE-2015-7578
+CVE-2015-7578 [Possible XSS vulnerability in rails-html-sanitizer]
RESERVED
+ - ruby-rails-html-sanitizer <unfixed>
+ TODO: check
CVE-2015-7577 [Nested attributes rejection proc bypass in Active Record]
RESERVED
- rails <unfixed>
More information about the Secure-testing-commits
mailing list