[Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-45958/ujson
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 7 19:45:28 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3383f5a5 by Salvatore Bonaccorso at 2022-02-07T20:44:56+01:00
Update information on CVE-2021-45958/ujson
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7657,9 +7657,10 @@ CVE-2022-0078
CVE-2021-45959
REJECTED
CVE-2021-45958 (UltraJSON (aka ujson) 4.0.2 through 5.0.0 has a stack-based buffer ove ...)
- - ujson <undetermined>
+ - ujson <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36009
- TODO: wait for clarification in https://github.com/ultrajson/ultrajson/issues/502
+ NOTE: https://github.com/ultrajson/ultrajson/issues/501
+ NOTE: https://github.com/ultrajson/ultrajson/issues/502
CVE-2021-45957 (Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3383f5a534062d521ea99215181a70c26551b4e3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3383f5a534062d521ea99215181a70c26551b4e3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220207/37964c8b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list