diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-12-13 20:14:28 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-12-13 20:14:28 +0100 |
commit | d9d900c410fa9cf4dd9d975e26e4471eda4524f1 (patch) | |
tree | 030035f2c7b6b6045b6aa78596b4bd529da16b3e /data/CVE/2018.list | |
parent | d8a28570b583218ef96893414fb5c7bf8f6345d0 (diff) |
associate various JerryScript NFUs with iotjs, marked as <unfixed> initially
Diffstat (limited to 'data/CVE/2018.list')
-rw-r--r-- | data/CVE/2018.list | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index e0cad33115..de3867897a 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -15291,7 +15291,8 @@ CVE-2018-1000639 (LatexDraw version <=4.0 contains a XML External Entity (XXE CVE-2018-1000638 (MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerabilit ...) NOT-FOR-US: MiniCMS CVE-2018-1000636 (JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726 ...) - NOT-FOR-US: JerryScript + - iotjs <unfixed> + NOTE: https://github.com/jerryscript-project/jerryscript/issues/2435 CVE-2018-1000635 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 co ...) NOT-FOR-US: Open Microscopy Environment CVE-2018-1000634 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 co ...) @@ -26148,9 +26149,11 @@ CVE-2018-11421 (Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and pri CVE-2018-11420 (There is Memory corruption in the web interface of Moxa OnCell G3100-H ...) NOT-FOR-US: Moxa CVE-2018-11419 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...) - NOT-FOR-US: JerryScript + - iotjs <unfixed> + NOTE: https://github.com/jerryscript-project/jerryscript/issues/2230 CVE-2018-11418 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...) - NOT-FOR-US: JerryScript + - iotjs <unfixed> + NOTE: https://github.com/jerryscript-project/jerryscript/issues/2237 CVE-2018-11417 RESERVED CVE-2018-11416 (jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of ...) |