diff options
| author | Markus Koschany <apo@debian.org> | 2023-09-04 12:35:45 +0200 |
|---|---|---|
| committer | Markus Koschany <apo@debian.org> | 2023-09-04 12:39:44 +0200 |
| commit | 653297d601c73f51176d8eac23734a5ed27a9630 (patch) | |
| tree | 6ad4e127b5538abce65c9accddf277314cbf3cb5 /data | |
| parent | bc8271f92cf3e8042824324b7f9e2084024bb87b (diff) | |
Triage some wabt CVE as fixed in unstable and earlier versions.
According to upstream CVE-2022-43280, CVE-2022-43281, CVE-2022-43282 and
CVE-2022-43283 have been fixed with pull request
https://github.com/WebAssembly/wabt/pull/1887
https://github.com/WebAssembly/wabt/pull/1931
First fixing version in Debian was 1.0.30-1
Pull request https://github.com/WebAssembly/wabt/pull/2218
fixed at least CVE-2023-31670.
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/data/CVE/list b/data/CVE/list index e50e252794..889f337771 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -13011,7 +13011,7 @@ CVE-2023-31740 (There is a command injection vulnerability in the Linksys E2000 CVE-2023-31708 (A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers ...) NOT-FOR-US: EyouCMS CVE-2023-31670 (An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and ...) - - wabt <unfixed> (unimportant) + - wabt 1.0.33-1 (unimportant) NOTE: https://github.com/WebAssembly/wabt/issues/2199 NOTE: Crash in CLI tool, no security impact CVE-2023-31664 (A reflected cross-site scripting (XSS) vulnerability in /authenticatio ...) @@ -61441,19 +61441,19 @@ CVE-2022-43285 (Nginx NJS v0.7.4 was discovered to contain a segmentation violat CVE-2022-43284 (Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation vi ...) NOT-FOR-US: njs CVE-2022-43283 (wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write.) - - wabt <unfixed> (unimportant) + - wabt 1.0.30-1 (unimportant) NOTE: https://github.com/WebAssembly/wabt/issues/1985 NOTE: Crash in CLI tool, no security impact CVE-2022-43282 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...) - - wabt <unfixed> (unimportant) + - wabt 1.0.30-1 (unimportant) NOTE: https://github.com/WebAssembly/wabt/issues/1983 NOTE: Crash in CLI tool, no security impact CVE-2022-43281 (wasm-interp v1.0.29 was discovered to contain a heap overflow via the ...) - - wabt <unfixed> (unimportant) + - wabt 1.0.30-1 (unimportant) NOTE: https://github.com/WebAssembly/wabt/issues/1981 NOTE: Crash in CLI tool, no security impact CVE-2022-43280 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...) - - wabt <unfixed> (unimportant) + - wabt 1.0.30-1 (unimportant) NOTE: https://github.com/WebAssembly/wabt/issues/1982 NOTE: Crash in CLI tool, no security impact CVE-2022-43279 (LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerabil ...) |