Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jerryscript vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-22891
Jerryscript 3.0.0 exists to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
Jerryscript Jerryscript 3.0.0
9.8
CVSSv3
CVE-2023-36109
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote malicious users to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
Jerryscript Jerryscript 3.0
1 Github repository
9.8
CVSSv3
CVE-2018-11419
An issue exists in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Jerryscript Jerryscript 1.0
7.5
CVSSv3
CVE-2020-13991
vm/opcodes.c in JerryScript 2.2.0 allows malicious users to hijack the flow of control by controlling a register.
Jerryscript Jerryscript 2.2.0
7.5
CVSSv3
CVE-2020-14163
An issue exists in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memo...
Jerryscript Jerryscript 2.2.0
6.5
CVSSv3
CVE-2021-26194
An issue exists in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
6.5
CVSSv3
CVE-2021-26198
An issue exists in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
6.5
CVSSv3
CVE-2021-26199
An issue exists in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
Jerryscript Jerryscript 2.4.0
9.8
CVSSv3
CVE-2023-38961
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote malicious user to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.
Jerryscript Jerryscript 3.0.0
9.8
CVSSv3
CVE-2020-23302
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
Jerryscript Jerryscript 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »