Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6e37895a by Moritz Muehlenhoff at 2023-05-19T12:34:56+02:00
new iotjs issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2023-2790 (A vulnerability classified as problematic has
been found in TOTOL
CVE-2023-2789 (A vulnerability was found in GNU cflow 1.7. It has been rated
as probl ...)
- cflow <unfixed> (unimportant)
NOTE:
https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md
- NOTE: negligible security impact
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-2782 (Sensitive information disclosure due to improper authorization.
The fo ...)
NOT-FOR-US: Acronis Cyber Infrastructure (ACI)
CVE-2023-2481 (Compiler removal of buffer clearing in
sli_se_opaque_import_key ...)
@@ -495,19 +495,32 @@ CVE-2023-31983 (A Command Injection vulnerability in
Edimax Wireless Router N300
CVE-2023-31922 (QuickJS commit 2788d71 was discovered to contain a
stack-overflow via ...)
NOT-FOR-US: QuickJS
CVE-2023-31921 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not present)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5068
CVE-2023-31920 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5070
CVE-2023-31919 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5069
CVE-2023-31918 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5064
CVE-2023-31916 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5062
CVE-2023-31914 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain
out-of-memo ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5071
CVE-2023-31913 (Jerryscript 3.0 *commit 1a2c047) was discovered to contain an
Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5061
CVE-2023-2682 (A vulnerability was found in Caton Live up to 2023-04-26 and
classifie ...)
NOT-FOR-US: Caton Live
CVE-2023-2680 [hcd-ehci: DMA reentrancy issue (incomplete fix for
CVE-2021-3750)]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
