Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-30414
Jerryscript commit 1a2c047 exists to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
Jerryscript Jerryscript -
9.8
CVSSv3
CVE-2021-43453
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
Jerryscript Jerryscript
7.8
CVSSv3
CVE-2020-24345
JerryScript up to and including 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
Jerryscript Jerryscript
7.1
CVSSv3
CVE-2020-24344
JerryScript up to and including 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
Jerryscript Jerryscript
9.8
CVSSv3
CVE-2021-42863
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an malicious user to construct a fake object or a fake arraybuffer with unlimited size.
Jerryscript Jerryscript
5.5
CVSSv3
CVE-2023-30406
Jerryscript commit 1a2c047 exists to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.
Jerryscript Jerryscript -
5.5
CVSSv3
CVE-2023-30408
Jerryscript commit 1a2c047 exists to contain a segmentation violation via the component build/bin/jerry.
Jerryscript Jerryscript -
9.8
CVSSv3
CVE-2021-41751
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
Jerryscript Jerryscript
9.8
CVSSv3
CVE-2021-41752
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
Jerryscript Jerryscript
7.5
CVSSv3
CVE-2021-41959
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.
Jerryscript Jerryscript -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »