Add CVE-2022-0240/mruby

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-22 17:06:06 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-22 17:06:06 +0100
commit: b7f01a361c7beae740591ca2791668548d4fb998 (patch)
tree: 8521c97cdafcd78490bede3673d7f5288dcbfe81 /data
parent: 47339f85332aaaaca44169a1266c4f7defd29f4f (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index fc80d3dde4..979e2b487d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1604,7 +1604,9 @@ CVE-2022-0242 (Unrestricted Upload of File with Dangerous Type in GitHub reposit
 CVE-2022-0241
 	RESERVED
 CVE-2022-0240 (mruby is vulnerable to NULL Pointer Dereference ...)
-	TODO: check
+	- mruby <unfixed>
+	NOTE: https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb/
+	NOTE: https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca
 CVE-2022-0239 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
 	NOT-FOR-US: corenlp
 CVE-2022-0238 (phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-22 17:06:06 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-22 17:06:06 +0100
commit	b7f01a361c7beae740591ca2791668548d4fb998 (patch)
tree	8521c97cdafcd78490bede3673d7f5288dcbfe81 /data
parent	47339f85332aaaaca44169a1266c4f7defd29f4f (diff)