Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-13649
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
Jerryscript Jerryscript 2.2.0
7.8
CVSSv3
CVE-2022-32117
Jerryscript v2.4.0 exists to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
Jerryscript Jerryscript 2.4.0
7.5
CVSSv3
CVE-2023-34867
Jerryscript 3.0 (commit 05dbbd1) exists to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
Jerryscript Jerryscript 3.0.0
7.5
CVSSv3
CVE-2023-34868
Jerryscript 3.0 (commit 05dbbd1) exists to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2022-22888
Jerryscript 3.0.0 exists to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
Jerryscript Jerryscript 3.0.0
5.5
CVSSv3
CVE-2022-22891
Jerryscript 3.0.0 exists to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2022-22893
Jerryscript 3.0.0 exists to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
Jerryscript Jerryscript 3.0.0
9.1
CVSSv3
CVE-2020-29657
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
Jerryscript Jerryscript 2.3.0
6.5
CVSSv3
CVE-2018-1000636
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behav...
Jerryscript Jerryscript 1.0
7.5
CVSSv3
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »