Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-18212
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
Jerryscript Jerryscript 1.0
9.1
CVSSv3
CVE-2020-29657
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
Jerryscript Jerryscript 2.3.0
9.8
CVSSv3
CVE-2020-23302
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
Jerryscript Jerryscript 2.2.0
9.8
CVSSv3
CVE-2020-23306
There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv3
CVE-2020-23309
There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
9.8
CVSSv3
CVE-2020-23321
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv3
CVE-2020-23322
There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
5.5
CVSSv3
CVE-2021-44992
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.
Jerryscript Jerryscript 3.0.0
9.8
CVSSv3
CVE-2020-22597
An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote malicious user to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter.
Jerryscript Jerryscript 2.3.0
7.5
CVSSv3
CVE-2021-46170
An issue exists in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.
Jerryscript Jerryscript 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »