Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-23321
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
5
CVSSv2
CVE-2020-23322
There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv2
CVE-2020-23323
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
5
CVSSv2
CVE-2020-13622
JerryScript 2.2.0 allows malicious users to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
Jerryscript Jerryscript 2.2.0
5
CVSSv2
CVE-2020-13623
JerryScript 2.2.0 allows malicious users to cause a denial of service (stack consumption) via a proxy operation.
Jerryscript Jerryscript 2.2.0
5
CVSSv2
CVE-2020-13649
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
Jerryscript Jerryscript 2.2.0
4.3
CVSSv2
CVE-2018-1000636
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behav...
Jerryscript Jerryscript 1.0
6.8
CVSSv2
CVE-2021-41682
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0
Jerryscript Jerryscript 2.4.0
6.8
CVSSv2
CVE-2021-41683
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
Jerryscript Jerryscript 2.4.0
5
CVSSv2
CVE-2021-46170
An issue exists in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.
Jerryscript Jerryscript 2.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »