[Secure-testing-commits] r41440 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu May 5 06:18:01 UTC 2016


Author: carnil
Date: 2016-05-05 06:18:01 +0000 (Thu, 05 May 2016)
New Revision: 41440

Modified:
   data/CVE/list
Log:
Add CVE-2016-3720, needs check

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-05 05:11:04 UTC (rev 41439)
+++ data/CVE/list	2016-05-05 06:18:01 UTC (rev 41440)
@@ -1968,8 +1968,11 @@
 	RESERVED
 CVE-2016-3721
 	RESERVED
-CVE-2016-3720
+CVE-2016-3720 [XmlMapper is vulnerable to XXE attack]
 	RESERVED
+	- jackson-dataformat-xml <unfixed>
+	NOTE: https://github.com/FasterXML/jackson-dataformat-xml/commit/f0f19a4c924d9db9a1e2830434061c8640092cc0 (2.7.4)
+	TODO: check
 CVE-2016-3719
 	RESERVED
 CVE-2016-3718 [SSRF]




More information about the Secure-testing-commits mailing list