Add CVE-2022-1071/mruby

author: Salvatore Bonaccorso <carnil@debian.org> 2022-03-27 21:10:29 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-03-27 21:10:29 +0200
commit: c2e864e1b3bfce4c4e17daeb70a9bafcccd0e7d4 (patch)
tree: 2c5c18d8788ef257455cdea95f82e90d4e376372
parent: 9c2e527913bf75c2f525873eca8d3957b9e80f2b (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 6db3c05e4a..a83c84d697 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -266,7 +266,10 @@ CVE-2022-27494
 CVE-2022-26423
 	RESERVED
 CVE-2022-1071 (User after free in mrb_vm_exec in GitHub repository mruby/mruby prior  ...)
-	TODO: check
+	- mruby <undetermined>
+	NOTE: https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3
+	NOTE: https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f
+	TODO: check where issue introduced and present before code refactoring
 CVE-2022-1070
 	RESERVED
 CVE-2022-1069
author	Salvatore Bonaccorso <carnil@debian.org>	2022-03-27 21:10:29 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-03-27 21:10:29 +0200
commit	c2e864e1b3bfce4c4e17daeb70a9bafcccd0e7d4 (patch)
tree	2c5c18d8788ef257455cdea95f82e90d4e376372
parent	9c2e527913bf75c2f525873eca8d3957b9e80f2b (diff)