diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-09 21:38:48 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-09 21:38:48 +0100 |
| commit | 47bdfdeda481d3633872c9e1faa51df5606d171a (patch) | |
| tree | 30c81327354b84ef67cd1d74c5a268ca2cf3d90e /data | |
| parent | 2bc9b5a3de85eb2df302d786a4f9cf742616ef86 (diff) | |
Add CVE-2022-0525/mruby
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list.2022 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index ff445f6d8f..02577d7a33 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -136,7 +136,9 @@ CVE-2022-0527 (Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot CVE-2022-0526 (Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chat ...) TODO: check CVE-2022-0525 (Out-of-bounds Read in Homebrew mruby prior to 3.2. ...) - TODO: check + - mruby <not-affected> (Vulnerable code introduced later) + NOTE: https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9 + NOTE: https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7 CVE-2022-0524 (Business Logic Errors in GitHub repository publify/publify prior to 9. ...) TODO: check CVE-2022-0523 (Expired Pointer Dereference in GitHub repository radareorg/radare2 pri ...) |