[Git][security-tracker-team/security-tracker][master] Document CVE-2022-23601/symfony
David Prévot (@taffit)
taffit at debian.org
Mon Jan 31 15:04:06 GMT 2022
David Prévot pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d24a2a84 by David Prévot at 2022-01-31T11:02:56-04:00
Document CVE-2022-23601/symfony
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2263,8 +2263,11 @@ CVE-2022-23603
RESERVED
CVE-2022-23602
RESERVED
-CVE-2022-23601
+CVE-2022-23601 [CSRF token missing in forms]
RESERVED
+ - symfony <not-affected> (Vulnerable code not present)
+ NOTE: https://symfony.com/blog/cve-2022-23601-csrf-token-missing-in-forms
+ NOTE: https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50
CVE-2022-23600
RESERVED
CVE-2022-23599 (Products.ATContentTypes are the core content types for Plone 2.1 - 4.3 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d24a2a84b9d2ec66d7cc60bb5232a123c4a45e5f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d24a2a84b9d2ec66d7cc60bb5232a123c4a45e5f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220131/970a4b2a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list