[Git][security-tracker-team/security-tracker][master] new iotjs issues
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 49f266ee by Moritz Muehlenhoff at 2024-04-27T20:38:49+02:00 new iotjs issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -113,13 +113,21 @@ CVE-2024-33342 (D-Link DIR-822+ V1.0.5 was found to contain a command injection CVE-2024-33263 (QuickJS commit 3b45d15 was discovered to contain an Assertion Failure ...) TODO: check CVE-2024-33260 (Jerryscript commit cefd391 was discovered to contain a segmentation vi ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5133 CVE-2024-33259 (Jerryscript commit cefd391 was discovered to contain a segmentation vi ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5132 CVE-2024-33258 (Jerryscript commit ff9ff8f was discovered to contain a segmentation vi ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5144 CVE-2024-33255 (Jerryscript commit cefd391 was discovered to contain an Assertion Fail ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5135 CVE-2024-32957 (Missing Authorization vulnerability in Live Composer Team Page Builder ...) NOT-FOR-US: WordPress plugin CVE-2024-32884 (gitoxide is a pure Rust implementation of Git. `gix-transport` does no ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49f266eec5dd761e2d3e77c067e2aa68d4b9fd20 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49f266eec5dd761e2d3e77c067e2aa68d4b9fd20 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new iotjs issues
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f48f8e38 by Moritz Muehlenhoff at 2023-06-22T11:29:09+02:00 new iotjs issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -579,9 +579,13 @@ CVE-2023-35110 (An issue was discovered jjson thru 0.1.7 allows attackers to cau CVE-2023-34878 (An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensi ...) NOT-FOR-US: Ujcms CVE-2023-34868 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5083 CVE-2023-34867 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5084 CVE-2023-34865 (Directory traversal vulnerability in ujcms 6.0.2 allows attackers to m ...) NOT-FOR-US: ujcms CVE-2023-34824 (fdkaac before 1.0.5 was discovered to contain a heap buffer overflow i ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f48f8e38c69ac5f39c397d0e29e4ca7fa82b0140 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f48f8e38c69ac5f39c397d0e29e4ca7fa82b0140 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new iotjs issues
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6e37895a by Moritz Muehlenhoff at 2023-05-19T12:34:56+02:00 new iotjs issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -33,7 +33,7 @@ CVE-2023-2790 (A vulnerability classified as problematic has been found in TOTOL CVE-2023-2789 (A vulnerability was found in GNU cflow 1.7. It has been rated as probl ...) - cflow (unimportant) NOTE: https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md - NOTE: negligible security impact + NOTE: Crash in CLI tool, no security impact CVE-2023-2782 (Sensitive information disclosure due to improper authorization. The fo ...) NOT-FOR-US: Acronis Cyber Infrastructure (ACI) CVE-2023-2481 (Compiler removal of buffer clearing in sli_se_opaque_import_key...) @@ -495,19 +495,32 @@ CVE-2023-31983 (A Command Injection vulnerability in Edimax Wireless Router N300 CVE-2023-31922 (QuickJS commit 2788d71 was discovered to contain a stack-overflow via ...) NOT-FOR-US: QuickJS CVE-2023-31921 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...) - TODO: check + - iotjs (Vulnerable code not present) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5068 CVE-2023-31920 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5070 CVE-2023-31919 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5069 CVE-2023-31918 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5064 CVE-2023-31916 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5062 CVE-2023-31914 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memo ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5071 CVE-2023-31913 (Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertio ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/5061 CVE-2023-2682 (A vulnerability was found in Caton Live up to 2023-04-26 and classifie ...) NOT-FOR-US: Caton Live CVE-2023-2680 [hcd-ehci: DMA reentrancy issue (incomplete fix for CVE-2021-3750)] View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new iotjs issues
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 93722bea by Moritz Muehlenhoff at 2023-04-26T12:39:08+02:00 new iotjs issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2537,7 +2537,8 @@ CVE-2023-30416 CVE-2023-30415 RESERVED CVE-2023-30414 (Jerryscript commit 1a2c047 was discovered to contain a stack overflow ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) CVE-2023-30413 RESERVED CVE-2023-30412 @@ -2545,15 +2546,18 @@ CVE-2023-30412 CVE-2023-30411 RESERVED CVE-2023-30410 (Jerryscript commit 1a2c047 was discovered to contain a stack overflow ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) CVE-2023-30409 RESERVED CVE-2023-30408 (Jerryscript commit 1a2c047 was discovered to contain a segmentation vi ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) CVE-2023-30407 RESERVED CVE-2023-30406 (Jerryscript commit 1a2c047 was discovered to contain a segmentation vi ...) - TODO: check + - iotjs + [bullseye] - iotjs (Minor issue) CVE-2023-30405 RESERVED CVE-2023-30404 (Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to co ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93722beac11853d537dd9fc5d80a756c96182e32 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93722beac11853d537dd9fc5d80a756c96182e32 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits