Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-22901
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.
Jerryscript Jerryscript -
7.5
CVSSv2
CVE-2019-1010176
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is: ex...
Jerryscript Jerryscript
NA
CVE-2023-30406
Jerryscript commit 1a2c047 exists to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.
Jerryscript Jerryscript -
NA
CVE-2023-30408
Jerryscript commit 1a2c047 exists to contain a segmentation violation via the component build/bin/jerry.
Jerryscript Jerryscript -
NA
CVE-2023-30410
Jerryscript commit 1a2c047 exists to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
Jerryscript Jerryscript -
NA
CVE-2023-30414
Jerryscript commit 1a2c047 exists to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
Jerryscript Jerryscript -
5
CVSSv2
CVE-2021-41959
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.
Jerryscript Jerryscript -
7.5
CVSSv2
CVE-2021-43453
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
Jerryscript Jerryscript
5.8
CVSSv2
CVE-2020-24344
JerryScript up to and including 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
Jerryscript Jerryscript
6.8
CVSSv2
CVE-2020-24345
JerryScript up to and including 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
Jerryscript Jerryscript
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »