From c8da20c780ce9f3a281ab72dc7b8385e45d66239 Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Tue, 25 Jan 2022 14:23:10 +0000 Subject: CVE-2021-44988 & CVE-2021-4499{2,3,4} in iotjs - not affected --- data/CVE/list.2021 | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 85d7a6f6b1..4478d733e3 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -3974,11 +3974,18 @@ CVE-2021-44996 CVE-2021-44995 RESERVED CVE-2021-44994 (There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0' ...) - TODO: check + - iotjs (Vulnerable code introduced later) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4894 + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4944 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4895 CVE-2021-44993 (There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at ...) - TODO: check + - iotjs (Vulnerable code introduced later) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4876 + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4878 CVE-2021-44992 (There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at ...) - TODO: check + - iotjs (Vulnerable code introduced later) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4875 + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4879 CVE-2021-44991 RESERVED CVE-2021-44990 @@ -3986,7 +3993,10 @@ CVE-2021-44990 CVE-2021-44989 RESERVED CVE-2021-44988 (Jerryscript v3.0.0 and below was discovered to contain a stack overflo ...) - TODO: check + - iotjs (Vulnerable code introduced later) + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4891 + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4890 + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4899 CVE-2021-44987 RESERVED CVE-2021-44986 -- cgit v1.2.3