From 77210730ce69af5798578985edc1a1af5a209395 Mon Sep 17 00:00:00 2001
From: security tracker role
Date: Fri, 21 Jan 2022 08:10:14 +0000
Subject: automatic update
---
 data/CVE/list.2020 | 4 +-
 data/CVE/list.2021 | 128 +++++++++++++++++++++++++++--------------------------
 data/CVE/list.2022 | 88 ++++++++++++++++++++++++++----------
 3 files changed, 132 insertions(+), 88 deletions(-)
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 9ce9e09b95..b94374edf0 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -18605,8 +18605,8 @@ CVE-2020-23317
 RESERVED
 CVE-2020-23316
 RESERVED
-CVE-2020-23315
- RESERVED
+CVE-2020-23315 (There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldReg ...)
+ TODO: check
 CVE-2020-23314 (There is an Assertion 'block_found' failed at js-parser-statm.c:2003 p ...)
 - iotjs (bug #989991)
 [bullseye] - iotjs (Minor issue)
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 506bbdee79..74df2c1c81 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,5 @@
+CVE-2021-46402
+ RESERVED
 CVE-2021-46401
 RESERVED
 CVE-2021-46400
@@ -98,66 +100,66 @@ CVE-2021-46353
 RESERVED
 CVE-2021-46352
 RESERVED
-CVE-2021-46351
- RESERVED
-CVE-2021-46350
- RESERVED
-CVE-2021-46349
- RESERVED
-CVE-2021-46348
- RESERVED
-CVE-2021-46347
- RESERVED
-CVE-2021-46346
- RESERVED
-CVE-2021-46345
- RESERVED
-CVE-2021-46344
- RESERVED
-CVE-2021-46343
- RESERVED
-CVE-2021-46342
- RESERVED
+CVE-2021-46351 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...)
+ TODO: check
+CVE-2021-46350 (There is an Assertion 'ecma_is_value_object (value)' failed at jerrysc ...)
+ TODO: check
+CVE-2021-46349 (There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECM ...)
+ TODO: check
+CVE-2021-46348 (There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' fa ...)
+ TODO: check
+CVE-2021-46347 (There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' ...)
+ TODO: check
+CVE-2021-46346 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...)
+ TODO: check
+CVE-2021-46345 (There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry ...)
+ TODO: check
+CVE-2021-46344 (There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' fa ...)
+ TODO: check
+CVE-2021-46343 (There is an Assertion 'context_p->token.type == LEXER_LITERAL' fail ...)
+ TODO: check
+CVE-2021-46342 (There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op ...)
+ TODO: check
 CVE-2021-46341
 RESERVED
-CVE-2021-46340
- RESERVED
-CVE-2021-46339
- RESERVED
-CVE-2021-46338
- RESERVED
-CVE-2021-46337
- RESERVED
-CVE-2021-46336
- RESERVED
-CVE-2021-46335
- RESERVED
-CVE-2021-46334
- RESERVED
-CVE-2021-46333
- RESERVED
-CVE-2021-46332
- RESERVED
-CVE-2021-46331
- RESERVED
-CVE-2021-46330
- RESERVED
-CVE-2021-46329
- RESERVED
-CVE-2021-46328
- RESERVED
-CVE-2021-46327
- RESERVED
-CVE-2021-46326
- RESERVED
-CVE-2021-46325
- RESERVED
-CVE-2021-46324
- RESERVED
-CVE-2021-46323
- RESERVED
-CVE-2021-46322
- RESERVED
+CVE-2021-46340 (There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY ...)
+ TODO: check
+CVE-2021-46339 (There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_siz ...)
+ TODO: check
+CVE-2021-46338 (There is an Assertion 'ecma_is_lexical_environment (object_p)' failed ...)
+ TODO: check
+CVE-2021-46337 (There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser- ...)
+ TODO: check
+CVE-2021-46336 (There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' f ...)
+ TODO: check
+CVE-2021-46335 (Moddable SDK v11.5.0 was discovered to contain a NULL pointer derefere ...)
+ TODO: check
+CVE-2021-46334 (Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow ...)
+ TODO: check
+CVE-2021-46333 (Moddable SDK v11.5.0 was discovered to contain an invalid memory acces ...)
+ TODO: check
+CVE-2021-46332 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46331 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46330 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46329 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46328 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46327 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46326 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46325 (Espruino 2v10.246 was discovered to contain a stack buffer overflow vi ...)
+ TODO: check
+CVE-2021-46324 (Espruino 2v11.251 was discovered to contain a stack buffer overflow vi ...)
+ TODO: check
+CVE-2021-46323 (Espruino 2v11.251 was discovered to contain a SEGV vulnerability via s ...)
+ TODO: check
+CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability via th ...)
+ TODO: check
 CVE-2021-46321
 RESERVED
 CVE-2021-46320
@@ -747,8 +749,8 @@ CVE-2021-46063
 RESERVED
 CVE-2021-46062
 RESERVED
-CVE-2021-46061
- RESERVED
+CVE-2021-46061 (An SQL Injection vulnerability exists in Sourcecodester Computer and M ...)
+ TODO: check
 CVE-2021-46060
 REJECTED
 CVE-2021-46059
@@ -30360,6 +30362,7 @@ CVE-2021-33915
 CVE-2021-33914
 RESERVED
 CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that might allo ...)
+ {DLA-2890-1}
 - libspf2 1.2.10-7.1
 [bullseye] - libspf2 1.2.10-7.1~deb11u1
 [buster] - libspf2 1.2.10-7.1~deb10u1
@@ -30367,6 +30370,7 @@ CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that migh
 NOTE: https://github.com/shevek/libspf2/pull/35
 NOTE: https://github.com/shevek/libspf2/commit/f06fef6cede4c4cb42f2c617496e6041782d7070
 CVE-2021-33912 (libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that ...)
+ {DLA-2890-1}
 - libspf2 1.2.10-7.1
 [bullseye] - libspf2 1.2.10-7.1~deb11u1
 [buster] - libspf2 1.2.10-7.1~deb10u1
@@ -40961,8 +40965,8 @@ CVE-2021-29787
 RESERVED
 CVE-2021-29786 (IBM Jazz Team Server products stores user credentials in clear text wh ...)
 NOT-FOR-US: IBM
-CVE-2021-29785
- RESERVED
+CVE-2021-29785 (IBM Security SOAR V42 and V43could allow a remote attacker to obtain s ...)
+ TODO: check
 CVE-2021-29784 (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker t ...)
 NOT-FOR-US: IBM
 CVE-2021-29783
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index f1f7cbd042..89b570299c 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,3 +1,43 @@
+CVE-2022-23809
+ RESERVED
+CVE-2022-23808
+ RESERVED
+CVE-2022-23807
+ RESERVED
+CVE-2022-23806
+ RESERVED
+CVE-2022-23805
+ RESERVED
+CVE-2022-23804
+ RESERVED
+CVE-2022-23803
+ RESERVED
+CVE-2022-23802
+ RESERVED
+CVE-2022-23801
+ RESERVED
+CVE-2022-23800
+ RESERVED
+CVE-2022-23799
+ RESERVED
+CVE-2022-23798
+ RESERVED
+CVE-2022-23797
+ RESERVED
+CVE-2022-23796
+ RESERVED
+CVE-2022-23795
+ RESERVED
+CVE-2022-23794
+ RESERVED
+CVE-2022-23793
+ RESERVED
+CVE-2022-0326 (NULL Pointer Dereference in Homebrew mruby prior to 3.2. ...)
+ TODO: check
+CVE-2022-0325
+ RESERVED
+CVE-2022-0324
+ RESERVED
 CVE-2022-23792
 RESERVED
 CVE-2022-23791
@@ -1110,10 +1150,10 @@ CVE-2022-23317
 RESERVED
 CVE-2022-23316
 RESERVED
-CVE-2022-23315
- RESERVED
-CVE-2022-23314
- RESERVED
+CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...)
+ TODO: check
+CVE-2022-23314 (MCMS v5.2.4 was discovered to contain a SQL injection vulnerability vi ...)
+ TODO: check
 CVE-2022-23313
 RESERVED
 CVE-2022-22137
@@ -2149,12 +2189,12 @@ CVE-2022-22932
 RESERVED
 CVE-2022-22931
 RESERVED
-CVE-2022-22930
- RESERVED
-CVE-2022-22929
- RESERVED
-CVE-2022-22928
- RESERVED
+CVE-2022-22930 (A remote code execution (RCE) vulnerability in the Template Management ...)
+ TODO: check
+CVE-2022-22929 (MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerabil ...)
+ TODO: check
+CVE-2022-22928 (MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing att ...)
+ TODO: check
 CVE-2022-22927
 RESERVED
 CVE-2022-22926
@@ -2219,22 +2259,22 @@ CVE-2022-22897
 RESERVED
 CVE-2022-22896
 RESERVED
-CVE-2022-22895
- RESERVED
-CVE-2022-22894
- RESERVED
-CVE-2022-22893
- RESERVED
-CVE-2022-22892
- RESERVED
-CVE-2022-22891
- RESERVED
-CVE-2022-22890
- RESERVED
+CVE-2022-22895 (Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ...)
+ TODO: check
+CVE-2022-22894 (Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_ ...)
+ TODO: check
+CVE-2022-22893 (Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_lo ...)
+ TODO: check
+CVE-2022-22892 (There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_valu ...)
+ TODO: check
+CVE-2022-22891 (Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via e ...)
+ TODO: check
+CVE-2022-22890 (There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT &am ...)
+ TODO: check
 CVE-2022-22889
 RESERVED
-CVE-2022-22888
- RESERVED
+CVE-2022-22888 (Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_ ...)
+ TODO: check
 CVE-2022-22887
 RESERVED
 CVE-2022-22886
-- cgit v1.2.3