CVE-2021-44988 & CVE-2021-4499{2,3,4} in iotjs - not affected

1 files changed, 14 insertions, 4 deletions

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 85d7a6f6b1..4478d733e3 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -3974,11 +3974,18 @@ CVE-2021-44996
 CVE-2021-44995
 	RESERVED
 CVE-2021-44994 (There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0' ...)
-	TODO: check
+	- iotjs <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4894
+	NOTE: https://github.com/jerryscript-project/jerryscript/pull/4944
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4895
 CVE-2021-44993 (There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at ...)
-	TODO: check
+	- iotjs <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4876
+	NOTE: https://github.com/jerryscript-project/jerryscript/pull/4878
 CVE-2021-44992 (There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at  ...)
-	TODO: check
+	- iotjs <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4875
+	NOTE: https://github.com/jerryscript-project/jerryscript/pull/4879
 CVE-2021-44991
 	RESERVED
 CVE-2021-44990
@@ -3986,7 +3993,10 @@ CVE-2021-44990
 CVE-2021-44989
 	RESERVED
 CVE-2021-44988 (Jerryscript v3.0.0 and below was discovered to contain a stack overflo ...)
-	TODO: check
+	- iotjs <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4891
+	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4890
+	NOTE: https://github.com/jerryscript-project/jerryscript/pull/4899
 CVE-2021-44987
 	RESERVED
 CVE-2021-44986