From 8d0859a82c2c8214a2e3786b13f29d6cb54eba37 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 22 Feb 2022 07:18:27 +0100 Subject: Add three mruby issues --- data/CVE/list.2022 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 7de1390be3..a6ae543200 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -957,11 +957,17 @@ CVE-2022-0634 CVE-2022-0633 (The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before ...) NOT-FOR-US: WordPress plugin CVE-2022-0632 (NULL Pointer Dereference in Homebrew mruby prior to 3.2. ...) - TODO: check + - mruby (Vulnerable code introduced later) + NOTE: https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b + NOTE: https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d CVE-2022-0631 (Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. ...) - TODO: check + - mruby (Vulnerable code introduced later) + NOTE: https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40 + NOTE: https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299 CVE-2022-0630 (Out-of-bounds Read in Homebrew mruby prior to 3.2. ...) - TODO: check + - mruby (Vulnerable code introduced later) + NOTE: https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32 + NOTE: https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad CVE-2022-0629 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...) - vim [bullseye] - vim (Minor issue) -- cgit v1.2.3