[Git][security-tracker-team/security-tracker][master] Add two new quickjs issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
651f1819 by Salvatore Bonaccorso at 2026-03-10T09:16:51+01:00
Add two new quickjs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -919,9 +919,13 @@ CVE-2026-1468 (QuickCMS is vulnerable to Cross-Site Request Forgery across multi
 CVE-2025-70363 (Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Pla ...)
 	NOT-FOR-US: Ibexa & Ciril GROUP eZ Platform / Ciril Platform
 CVE-2025-69654 (A crafted JavaScript input executed with the QuickJS release 2025-09-1 ...)
-	TODO: check
+	- quickjs <unfixed>
+	NOTE: https://github.com/bellard/quickjs/issues/468
+	NOTE: Fixed by: https://github.com/bellard/quickjs/commit/fcd33c1afa7b3028531f53cd1190a3877454f6b3
 CVE-2025-69653 (A crafted JavaScript input can trigger an internal assertion failure i ...)
-	TODO: check
+	- quickjs <unfixed>
+	NOTE: https://github.com/bellard/quickjs/issues/467
+	NOTE: Fixed by: https://github.com/bellard/quickjs/commit/1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6
 CVE-2025-69652 (GNU Binutils thru 2.46 readelf contains a vulnerability that leads to  ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33701



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651f1819154daea264c7239d1eba03c980b465c7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651f1819154daea264c7239d1eba03c980b465c7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260310/46f2d4db/attachment-0001.htm>