[Git][security-tracker-team/security-tracker][master] Reference blog post for CVE-2021-41270
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 25 21:14:39 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8647130 by Salvatore Bonaccorso at 2021-11-25T22:14:12+01:00
Reference blog post for CVE-2021-41270
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10225,6 +10225,7 @@ CVE-2021-41270 (Symfony/Serializer handles serializing and deserializing data st
- symfony 4.4.19+dfsg-3
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x
NOTE: https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 (v4.4.35)
+ NOTE: https://symfony.com/blog/cve-2021-41270-prevent-csv-injection-via-formulas
CVE-2021-41269 (cron-utils is a Java library to define, parse, validate, migrate crons ...)
NOT-FOR-US: cron-utils Java library
CVE-2021-41268 (Symfony/SecurityBundle is the security system for Symfony, a PHP frame ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e86471309018f8f4039c9efa0de4724e5496d093
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e86471309018f8f4039c9efa0de4724e5496d093
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211125/ab8d5abf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list