Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b40f10f8 by Neil Williams at 2022-01-24T11:56:34+00:00
Add CVEs for iotjs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1482,37 +1482,67 @@ CVE-2021-46353
CVE-2021-46352
RESERVED
CVE-2021-46351 (There is an Assertion 'local_tza ==
ecma_date_local_time_zone_adjustme ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4955
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4940
CVE-2021-46350 (There is an Assertion 'ecma_is_value_object (value)' failed at
jerrysc ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4953
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4936
CVE-2021-46349 (There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL ||
type == ECM ...)
- TODO: check
+ - iotjs <unfixed> (bug #1004288)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4954
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4937
CVE-2021-46348 (There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE
(string_p)' fa ...)
- TODO: check
+ - iotjs <unfixed> (bug #1004288)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4961
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4941
CVE-2021-46347 (There is an Assertion 'ecma_object_check_class_name_is_object
(obj_p)' ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4954
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4938
CVE-2021-46346 (There is an Assertion 'local_tza ==
ecma_date_local_time_zone_adjustme ...)
- TODO: check
+ - iotjs <unfixed> (bug #1004288)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4955
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4939
CVE-2021-46345 (There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed
at /jerry ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4946
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4920
CVE-2021-46344 (There is an Assertion 'flags &
PARSER_PATTERN_HAS_REST_ELEMENT' fa ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4950
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4928
CVE-2021-46343 (There is an Assertion 'context_p->token.type ==
LEXER_LITERAL' fail ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4947
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4921
CVE-2021-46342 (There is an Assertion 'ecma_is_lexical_environment (obj_p) ||
!ecma_op ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4952
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4934
CVE-2021-46341
RESERVED
CVE-2021-46340 (There is an Assertion 'context_p->stack_top_uint8 ==
SCAN_STACK_TRY ...)
- TODO: check
+ - iotjs <unfixed> (bug #1004288)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4964
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4924
CVE-2021-46339 (There is an Assertion 'lit_is_valid_cesu8_string (string_p,
string_siz ...)
- TODO: check
+ - iotjs <undetermined>
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4935
CVE-2021-46338 (There is an Assertion 'ecma_is_lexical_environment (object_p)'
failed ...)
- TODO: check
+ - iotjs <unfixed> (bug #1004288)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4943
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4933
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4900
CVE-2021-46337 (There is an Assertion 'page_p != NULL' failed at
/parser/js/js-parser- ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4951
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4930
CVE-2021-46336 (There is an Assertion 'opts &
PARSER_CLASS_LITERAL_CTOR_PRESENT' f ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not yet introduced)
+ NOTE: https://github.com/jerryscript-project/jerryscript/pull/4949
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/4927
CVE-2021-46335 (Moddable SDK v11.5.0 was discovered to contain a NULL pointer
derefere ...)
NOT-FOR-US: Moddable SDK
CVE-2021-46334 (Moddable SDK v11.5.0 was discovered to contain a stack buffer
overflow ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b40f10f87490e2bea3981cf606c13f31ed814162
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b40f10f87490e2bea3981cf606c13f31ed814162
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
