[Git][security-tracker-team/security-tracker][master] new iotjs issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 19 11:35:35 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6e37895a by Moritz Muehlenhoff at 2023-05-19T12:34:56+02:00
new iotjs issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2023-2790 (A vulnerability classified as problematic has been found in TOTOL
CVE-2023-2789 (A vulnerability was found in GNU cflow 1.7. It has been rated as probl ...)
- cflow <unfixed> (unimportant)
NOTE: https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md
- NOTE: negligible security impact
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-2782 (Sensitive information disclosure due to improper authorization. The fo ...)
NOT-FOR-US: Acronis Cyber Infrastructure (ACI)
CVE-2023-2481 (Compiler removal of buffer clearing in sli_se_opaque_import_key ...)
@@ -495,19 +495,32 @@ CVE-2023-31983 (A Command Injection vulnerability in Edimax Wireless Router N300
CVE-2023-31922 (QuickJS commit 2788d71 was discovered to contain a stack-overflow via ...)
NOT-FOR-US: QuickJS
CVE-2023-31921 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <not-affected> (Vulnerable code not present)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5068
CVE-2023-31920 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5070
CVE-2023-31919 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5069
CVE-2023-31918 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5064
CVE-2023-31916 (Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5062
CVE-2023-31914 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memo ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5071
CVE-2023-31913 (Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertio ...)
- TODO: check
+ - iotjs <unfixed>
+ [bullseye] - iotjs <ignored> (Minor issue)
+ NOTE: https://github.com/jerryscript-project/jerryscript/issues/5061
CVE-2023-2682 (A vulnerability was found in Caton Live up to 2023-04-26 and classifie ...)
NOT-FOR-US: Caton Live
CVE-2023-2680 [hcd-ehci: DMA reentrancy issue (incomplete fix for CVE-2021-3750)]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e37895a83c9f4c7112878464bc93fcee4ece10f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230519/1a77969c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list