Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-18212
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
Jerryscript Jerryscript 1.0
605
VMScore
CVE-2017-14749
JerryScript 1.0 allows remote malicious users to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data...
Jerryscript Jerryscript 1.0
445
VMScore
CVE-2020-23308
There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
NA
CVE-2024-29489
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type.
NA
CVE-2024-33255
Jerryscript commit cefd391 exists to contain an Assertion Failure via ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p) in ecma_free_string_list.
NA
CVE-2024-33258
Jerryscript commit ff9ff8f exists to contain a segmentation violation via the component vm_loop at jerry-core/vm/vm.c.
NA
CVE-2024-33259
Jerryscript commit cefd391 exists to contain a segmentation violation via the component scanner_seek at jerry-core/parser/js/js-scanner-util.c.
NA
CVE-2024-33260
Jerryscript commit cefd391 exists to contain a segmentation violation via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10