diff options
| author | Neil Williams <codehelp@debian.org> | 2022-01-24 11:56:19 +0000 |
|---|---|---|
| committer | Neil Williams <codehelp@debian.org> | 2022-01-24 11:56:34 +0000 |
| commit | 951c3a193442759c347c0279ca9fb63eeb1e45a9 (patch) | |
| tree | 26f653e23978fc5789cb860ee3b1450de69de3d4 | |
| parent | 6df7c5e77fde4f14b9c6eac1a8ab6a106a8cdedd (diff) | |
Add CVEs for iotjs
| -rw-r--r-- | data/CVE/list.2021 | 60 |
1 files changed, 45 insertions, 15 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index d735860b82..50f3cbf24a 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -110,37 +110,67 @@ CVE-2021-46353 CVE-2021-46352 RESERVED CVE-2021-46351 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4955 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4940 CVE-2021-46350 (There is an Assertion 'ecma_is_value_object (value)' failed at jerrysc ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4953 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4936 CVE-2021-46349 (There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECM ...) - TODO: check + - iotjs <unfixed> (bug #1004288) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4954 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4937 CVE-2021-46348 (There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' fa ...) - TODO: check + - iotjs <unfixed> (bug #1004288) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4961 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4941 CVE-2021-46347 (There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4954 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4938 CVE-2021-46346 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...) - TODO: check + - iotjs <unfixed> (bug #1004288) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4955 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4939 CVE-2021-46345 (There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4946 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4920 CVE-2021-46344 (There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' fa ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4950 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4928 CVE-2021-46343 (There is an Assertion 'context_p->token.type == LEXER_LITERAL' fail ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4947 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4921 CVE-2021-46342 (There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4952 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4934 CVE-2021-46341 RESERVED CVE-2021-46340 (There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY ...) - TODO: check + - iotjs <unfixed> (bug #1004288) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4964 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4924 CVE-2021-46339 (There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_siz ...) - TODO: check + - iotjs <undetermined> + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4935 CVE-2021-46338 (There is an Assertion 'ecma_is_lexical_environment (object_p)' failed ...) - TODO: check + - iotjs <unfixed> (bug #1004288) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4943 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4933 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4900 CVE-2021-46337 (There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser- ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4951 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4930 CVE-2021-46336 (There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' f ...) - TODO: check + - iotjs <not-affected> (Vulnerable code not yet introduced) + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4949 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4927 CVE-2021-46335 (Moddable SDK v11.5.0 was discovered to contain a NULL pointer derefere ...) NOT-FOR-US: Moddable SDK CVE-2021-46334 (Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow ...) |