Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
11ae4b76 by Salvatore Bonaccorso at 2022-08-02T22:42:09+02:00
Add CVE-2021-23385/flask-security
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -106797,7 +106797,8 @@ CVE-2021-23387 (The package trailing-slash before
2.0.1 are vulnerable to Open R
CVE-2021-23386 (This affects the package dns-packet before 5.2.2. It creates
buffers w ...)
NOT-FOR-US: Node dns-packet
CVE-2021-23385 (This affects all versions of package Flask-Security. When
using the ge ...)
- TODO: check
+ - flask-security <unfixed>
+ NOTE: https://security.snyk.io/vuln/SNYK-PYTHON-FLASKSECURITY-1293234
CVE-2021-23384 (The package koa-remove-trailing-slashes before 2.0.2 are
vulnerable to ...)
NOT-FOR-US: Node koa-remove-trailing-slashes before
CVE-2021-23383 (The package handlebars before 4.7.7 are vulnerable to
Prototype Pollut ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11ae4b7676e53058e29d4b746778c9086c001a81
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11ae4b7676e53058e29d4b746778c9086c001a81
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
