[Git][security-tracker-team/security-tracker][master] Add CVE-2020-15094/symfony

Wed Sep 2 21:29:45 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e81a935 by Salvatore Bonaccorso at 2020-09-02T22:29:08+02:00
Add CVE-2020-15094/symfony

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20687,7 +20687,9 @@ CVE-2020-15095 (Versions of the npm CLI prior to 6.14.6 are vulnerable to an inf
 	NOTE: https://github.com/npm/cli/security/advisories/GHSA-93f3-23rq-pjfp
 	NOTE: https://github.com/npm/cli/commit/a9857b8f6869451ff058789c4631fadfde5bbcbc
 CVE-2020-15094 (In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient cla ...)
-	TODO: check
+	- symfony 4.4.13+dfsg-1
+	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r
+	NOTE: https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78
 CVE-2020-15093 (The tough library (Rust/crates.io) prior to version 0.7.1 does not pro ...)
 	NOT-FOR-US: Rust tough
 CVE-2020-15092 (In TimelineJS before version 3.7.0, some user data renders as HTML. An ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e81a9355a06cd3cfb06ea3da528e39ab2552b70

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e81a9355a06cd3cfb06ea3da528e39ab2552b70
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200902/8b42ef34/attachment.html>
