Add CVE-2021-46020/mruby

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-15 10:05:39 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-15 10:05:39 +0100
commit: af330a24439614ef4011ae226ea52f9b1927a846 (patch)
tree: 23af0201015b7a23ed9b5f6bda86a67a0c5e789d /data/CVE/list.2021
parent: aba107d3656b147d4dec8b8f8d7933ec4f7648c3 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 6cc5c2f52e..8bde55b2fe 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -686,7 +686,9 @@ CVE-2021-46021 (An Use-After-Free vulnerability in rec_record_destroy() at rec-r
 	NOTE: https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00008.html
 	NOTE: Negligible security impact
 CVE-2021-46020 (An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can  ...)
-	TODO: check
+	- mruby <unfixed>
+	NOTE: https://github.com/mruby/mruby/issues/5613
+	TODO: check details
 CVE-2021-46019 (An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ...)
 	- recutils <unfixed> (unimportant)
 	NOTE: https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-15 10:05:39 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-15 10:05:39 +0100
commit	af330a24439614ef4011ae226ea52f9b1927a846 (patch)
tree	23af0201015b7a23ed9b5f6bda86a67a0c5e789d /data/CVE/list.2021
parent	aba107d3656b147d4dec8b8f8d7933ec4f7648c3 (diff)