Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript 1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-18212
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
Jerryscript Jerryscript 1.0
4.3
CVSSv2
CVE-2018-1000636
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behav...
Jerryscript Jerryscript 1.0
6.8
CVSSv2
CVE-2017-14749
JerryScript 1.0 allows remote malicious users to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data...
Jerryscript Jerryscript 1.0
5
CVSSv2
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
7.5
CVSSv2
CVE-2018-11419
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
7.5
CVSSv2
CVE-2018-11418
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started