Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript jerryscript - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-13649
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
Jerryscript Jerryscript 2.2.0
7.8
CVSSv3
CVE-2022-32117
Jerryscript v2.4.0 exists to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
Jerryscript Jerryscript 2.4.0
7.5
CVSSv3
CVE-2023-34867
Jerryscript 3.0 (commit 05dbbd1) exists to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
Jerryscript Jerryscript 3.0.0
7.5
CVSSv3
CVE-2023-34868
Jerryscript 3.0 (commit 05dbbd1) exists to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2022-22888
Jerryscript 3.0.0 exists to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
Jerryscript Jerryscript 3.0.0
5.5
CVSSv3
CVE-2022-22891
Jerryscript 3.0.0 exists to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
Jerryscript Jerryscript 3.0.0
7.8
CVSSv3
CVE-2022-22893
Jerryscript 3.0.0 exists to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
Jerryscript Jerryscript 3.0.0
9.1
CVSSv3
CVE-2020-29657
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
Jerryscript Jerryscript 2.3.0
6.5
CVSSv3
CVE-2018-1000636
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behav...
Jerryscript Jerryscript 1.0
7.5
CVSSv3
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »