Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76453146 by Salvatore Bonaccorso at 2021-06-15T21:18:23+02:00
Add more (potential) iotjs issues (embedding jerryscript)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57441,15 +57441,20 @@ CVE-2020-23325
CVE-2020-23324
RESERVED
CVE-2020-23323 (There is a heap-buffer-overflow at re-parser.c in
re_parse_char_escape ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3871
CVE-2020-23322 (There is an Assertion in 'context_p->token.type ==
LEXER_RIGHT_BRAC ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3869
CVE-2020-23321 (There is a heap-buffer-overflow at lit-strings.c:431 in
lit_read_code_ ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3870
CVE-2020-23320 (There is an Assertion in
'context_p->next_scanner_info_p->type = ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3835
CVE-2020-23319 (There is an Assertion in '(flags >>
CBC_STACK_ADJUST_SHIFT) > ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3834
CVE-2020-23318
RESERVED
CVE-2020-23317
@@ -57459,31 +57464,41 @@ CVE-2020-23316
CVE-2020-23315
RESERVED
CVE-2020-23314 (There is an Assertion 'block_found' failed at
js-parser-statm.c:2003 p ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3825
CVE-2020-23313 (There is an Assertion 'scope_stack_p >
context_p->scope_stack_p' ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3823
CVE-2020-23312 (There is an Assertion 'context.status_flags &
PARSER_SCANNING_SUCC ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3824
CVE-2020-23311 (There is an Assertion 'context_p->token.type ==
LEXER_RIGHT_BRACE | ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3822
CVE-2020-23310 (There is an Assertion
'context_p->next_scanner_info_p->type == S ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3821
CVE-2020-23309 (There is an Assertion 'context_p->stack_depth ==
context_p->cont ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3820
CVE-2020-23308 (There is an Assertion 'context_p->stack_top_uint8 ==
LEXER_EXPRESSI ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3819
CVE-2020-23307
RESERVED
CVE-2020-23306 (There is a stack-overflow at ecma-regexp-object.c:535 in
ecma_regexp_m ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3753
CVE-2020-23305
RESERVED
CVE-2020-23304
RESERVED
CVE-2020-23303 (There is a heap-buffer-overflow at jmem-poolman.c:165 in
jmem_pools_co ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3749
CVE-2020-23302 (There is a heap-use-after-free at ecma-helpers-string.c:772 in
ecma_re ...)
- TODO: check
+ - iotjs <unfixed>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/3748
CVE-2020-23301
RESERVED
CVE-2020-23300
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76453146d0815081682f14d2e1271c737a93adc5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76453146d0815081682f14d2e1271c737a93adc5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
