[Git][security-tracker-team/security-tracker][master] Add CVE-2022-0080/mruby

Sun Jan 2 20:54:14 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
37a5e91f by Salvatore Bonaccorso at 2022-01-02T21:52:26+01:00
Add CVE-2022-0080/mruby

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52,7 +52,9 @@ CVE-2021-45962
 CVE-2021-45961
 	RESERVED
 CVE-2022-0080 (mruby is vulnerable to Heap-based Buffer Overflow ...)
-	TODO: check
+	- mruby <unfixed>
+	NOTE: https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e/
+	NOTE: https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6
 CVE-2021-45960 (In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) pla ...)
 	- expat <unfixed> (bug #1002994)
 	[bullseye] - expat <no-dsa> (Minor issue; can be fixed via point release)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37a5e91fe797d5c0d0b9fd31e4a0d25224cf014b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37a5e91fe797d5c0d0b9fd31e4a0d25224cf014b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220102/3fd2c0c8/attachment.htm>
