Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30410
Jerryscript commit 1a2c047 exists to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
Jerryscript Jerryscript -
7.5
CVSSv2
CVE-2021-42863
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an malicious user to construct a fake object or a fake arraybuffer with unlimited size.
Jerryscript Jerryscript
7.5
CVSSv2
CVE-2021-41751
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
Jerryscript Jerryscript
5
CVSSv2
CVE-2020-13991
vm/opcodes.c in JerryScript 2.2.0 allows malicious users to hijack the flow of control by controlling a register.
Jerryscript Jerryscript 2.2.0
6.8
CVSSv2
CVE-2021-26195
An issue exists in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file.
Jerryscript Jerryscript 2.4.0
4.3
CVSSv2
CVE-2021-26198
An issue exists in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
4.3
CVSSv2
CVE-2021-26199
An issue exists in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
5
CVSSv2
CVE-2020-13649
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv2
CVE-2017-18212
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
Jerryscript Jerryscript 1.0
NA
CVE-2020-24187
An issue exists in ecma-helpers.c in jerryscript version 2.3.0, allows local malicious users to cause a denial of service (DoS) (Null Pointer Dereference).
Jerryscript Jerryscript 2.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »