Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-9250
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScr...
Jerryscript Jerryscript 1.0
605
VMScore
CVE-2021-26195
An issue exists in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file.
Jerryscript Jerryscript 2.4.0
605
VMScore
CVE-2017-14749
JerryScript 1.0 allows remote malicious users to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data...
Jerryscript Jerryscript 1.0
NA
CVE-2023-34867
Jerryscript 3.0 (commit 05dbbd1) exists to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
Jerryscript Jerryscript 3.0.0
383
VMScore
CVE-2021-46336
There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0.
Jerryscript Jerryscript 3.0.0
383
VMScore
CVE-2021-46343
There is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0.
Jerryscript Jerryscript 3.0.0
383
VMScore
CVE-2021-46346
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
Jerryscript Jerryscript 3.0.0
NA
CVE-2023-36201
An issue in JerryscriptProject jerryscript v.3.0.0 allows an malicious user to obtain sensitive information via a crafted script to the arrays.
Jerryscript Jerryscript 3.0.0
446
VMScore
CVE-2020-13623
JerryScript 2.2.0 allows malicious users to cause a denial of service (stack consumption) via a proxy operation.
Jerryscript Jerryscript 2.2.0
NA
CVE-2023-31913
Jerryscript 3.0 *commit 1a2c047) exists to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
Jerryscript Jerryscript 3.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »