[Git][security-tracker-team/security-tracker][master] Add CVE-2020-25626/djangorestframework

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6bcc8bcf by Salvatore Bonaccorso at 2020-10-01T08:35:19+02:00
Add CVE-2020-25626/djangorestframework

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1226,8 +1226,11 @@ CVE-2020-25628
        RESERVED
 CVE-2020-25627
        RESERVED
-CVE-2020-25626
+CVE-2020-25626 [XSS Vulnerability in API viewer]
        RESERVED
+       - djangorestframework <unfixed>
+       NOTE: 
https://github.com/encode/django-rest-framework/commit/4121b01b912668c049b26194a9a107c27a332429
+       NOTE: Fixed upstream in 3.12.0 and 3.11.2
 CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD 
list ha ...)
        - qemu <unfixed> (bug #970542)
        [buster] - qemu <postponed> (Can be fixed along in next qemu DSA)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bcc8bcf1229fc09a6b99a847d29c041920d760e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bcc8bcf1229fc09a6b99a847d29c041920d760e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits