Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5f7708e0 by Neil Williams at 2022-04-06T11:06:08+01:00 CVE-2022-1106/mruby vulnerable code introduced later - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2034,10 +2034,10 @@ CVE-2022-27929 CVE-2022-27928 RESERVED CVE-2022-1106 (use after free in mrb_vm_exec in GitHub repository mruby/mruby prior t ...) - - mruby <undetermined> + - mruby <not-affected> (Vulnerable code introduced later) NOTE: https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f NOTE: https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c - TODO: check + NOTE: Vulnerable code introduced in https://github.com/mruby/mruby/commit/b137eb2678cfba8d6ffcddff5326ebe8eb7f6a24 (3.1.0-rc2) CVE-2022-1105 (An improper access control vulnerability in GitLab CE/EE affecting all ...) TODO: check CVE-2022-1104 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f7708e06a8d80603cdbfeaa22c061440be1b40e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f7708e06a8d80603cdbfeaa22c061440be1b40e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits