Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-44994
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.
Jerryscript Jerryscript 3.0.0
7.5
CVSSv2
CVE-2018-11418
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
5
CVSSv2
CVE-2020-23311
There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' failed at js-parser-expr.c:3230 in parser_parse_object_initializer in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv2
CVE-2020-23323
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
NA
CVE-2023-31914
Jerryscript 3.0 (commit 05dbbd1) exists to contain out-of-memory issue in malloc.
Jerryscript Jerryscript 3.0.0
4.3
CVSSv2
CVE-2022-22891
Jerryscript 3.0.0 exists to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
Jerryscript Jerryscript 3.0.0
6.8
CVSSv2
CVE-2017-14749
JerryScript 1.0 allows remote malicious users to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data...
Jerryscript Jerryscript 1.0
5
CVSSv2
CVE-2021-46170
An issue exists in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.
Jerryscript Jerryscript 2.3.0
5
CVSSv2
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
4.3
CVSSv2
CVE-2021-26194
An issue exists in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »