Espruino prior to 1.99 allows malicious users to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read during syntax parsing of certain for loops in jsparse.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
espruino espruino |