Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-23321
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
9.8
CVSSv3
CVE-2020-23323
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv3
CVE-2020-23310
There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv3
CVE-2020-23322
There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.
Jerryscript Jerryscript 2.2.0
6.5
CVSSv3
CVE-2018-1000636
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behav...
Jerryscript Jerryscript 1.0
7.8
CVSSv3
CVE-2022-32117
Jerryscript v2.4.0 exists to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
Jerryscript Jerryscript 2.4.0
7.5
CVSSv3
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
6.5
CVSSv3
CVE-2021-26194
An issue exists in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
9.8
CVSSv3
CVE-2018-11418
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
9.8
CVSSv3
CVE-2018-11419
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »