diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-01 09:49:12 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-01 09:49:12 +0100 |
| commit | 706bda1696e82c4f4830a9ffad0ffb9a63db9641 (patch) | |
| tree | 0cf345451dbe8f0bf8806261822638d97ee24a42 | |
| parent | befc0b9a23b38c66ffdfe6b06ddcedc53d779080 (diff) | |
Add CVE-2021-45944/ghostscript
| -rw-r--r-- | data/CVE/2021.list | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index ab5c565c30..9601b0f288 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -57,7 +57,10 @@ CVE-2021-45946 (Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called f CVE-2021-45945 (uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::_ ...) TODO: check CVE-2021-45944 (Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampl ...) - TODO: check + - ghostscript <unfixed> + NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29903 + NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2021-237.yaml + TODO: check, oss-fuzz "fixing commit" cannot be correct as it only removes a documentation snippet. CVE-2021-45943 (GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::C ...) TODO: check CVE-2021-45942 (OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_ ...) |