
Commit 1ada3f2

Samuel Groß authored and V8-internal LUCI CQ committed
Add two CVE entries for JavaScriptCore
Change-Id: Iabd5d8f280c262db1965c84a082247d61e0c44d9
Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8464197
Auto-Submit: Samuel Groß <[email protected]>
Reviewed-by: Matthias Liedtke <[email protected]>
Commit-Queue: Matthias Liedtke <[email protected]>
1 parent 67aa2c8 commit 1ada3f2


1 file changed: +2 -0 lines changed


README.md

Lines changed: 2 additions & 0 deletions
@@ -167,6 +167,8 @@ Special thanks to all users of Fuzzilli who have reported bugs found by it!
167167
* [CVE-2022-46696](https://bugs.webkit.org/show_bug.cgi?id=246942): Assertion failure due to missing exception check in JIT-compiled code
168168
* [CVE-2022-46699](https://bugs.webkit.org/show_bug.cgi?id=247420): Assertion failure due to incorrect caching of special properties in ICs
169169
* [CVE-2022-46700](https://bugs.webkit.org/show_bug.cgi?id=247562): Intl.Locale.prototype.hourCycles leaks empty JSValue to script
170+
* [CVE-2025-43214](https://bugs.webkit.org/show_bug.cgi?id=292621): Memory corruption during JSToWasmEntry when iterating over the stack
171+
* [CVE-2025-43213](https://bugs.webkit.org/show_bug.cgi?id=292916): Invalid typing of NewRegExpUntyped operation
170172

171173
#### Gecko/Spidermonkey
172174
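
Review bot: The two added entries are listed as CVE-2025-43214 followed by CVE-2025-43213, while the three context entries above them ascend by CVE number (CVE-2022-46696, CVE-2022-46699, CVE-2022-46700). The new order does follow the WebKit bug ids (292621 before 292916), so it is fine if the list is meant to be sorted by bug id; otherwise swap the two added lines so the CVE numbers keep ascending. The CVE-2025-43213 entry also names only the root cause ("Invalid typing of NewRegExpUntyped operation"); stating the observable effect as well, as the neighbouring "Assertion failure due to ..." entries do, would make the impact clearer to readers of the list.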
