[Git][security-tracker-team/security-tracker][master] Add CVE-2020-25626/djangorestframework
Salvatore Bonaccorso
carnil at debian.org
Thu Oct 1 07:41:02 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6bcc8bcf by Salvatore Bonaccorso at 2020-10-01T08:35:19+02:00
Add CVE-2020-25626/djangorestframework
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1226,8 +1226,11 @@ CVE-2020-25628
RESERVED
CVE-2020-25627
RESERVED
-CVE-2020-25626
+CVE-2020-25626 [XSS Vulnerability in API viewer]
RESERVED
+ - djangorestframework <unfixed>
+ NOTE: https://github.com/encode/django-rest-framework/commit/4121b01b912668c049b26194a9a107c27a332429
+ NOTE: Fixed upstream in 3.12.0 and 3.11.2
CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...)
- qemu <unfixed> (bug #970542)
[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bcc8bcf1229fc09a6b99a847d29c041920d760e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bcc8bcf1229fc09a6b99a847d29c041920d760e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201001/50b488d3/attachment.html>
More information about the debian-security-tracker-commits
mailing list