Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-24345
JerryScript up to and including 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
Jerryscript Jerryscript
7.1
CVSSv3
CVE-2020-24344
JerryScript up to and including 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
Jerryscript Jerryscript
9.8
CVSSv3
CVE-2021-42863
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an malicious user to construct a fake object or a fake arraybuffer with unlimited size.
Jerryscript Jerryscript
7.8
CVSSv3
CVE-2023-31906
Jerryscript 3.0.0(commit 1a2c047) exists to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2023-31907
Jerryscript 3.0.0 exists to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2023-31908
Jerryscript 3.0 (commit 05dbbd1) exists to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
Jerryscript Jerryscript 3.0
7.8
CVSSv3
CVE-2023-31910
Jerryscript 3.0 (commit 05dbbd1) exists to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
Jerryscript Jerryscript 3.0.0
5.5
CVSSv3
CVE-2023-31913
Jerryscript 3.0 *commit 1a2c047) exists to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
Jerryscript Jerryscript 3.0.0
5.5
CVSSv3
CVE-2023-31914
Jerryscript 3.0 (commit 05dbbd1) exists to contain out-of-memory issue in malloc.
Jerryscript Jerryscript 3.0.0
5.5
CVSSv3
CVE-2023-31916
Jerryscript 3.0 (commit 1a2c047) exists to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.
Jerryscript Jerryscript 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »