Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2023-36109

Published: 20/09/2023 Updated: 22/09/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Jerryscript

Vulnerability Summary

Buffer Overflow vulnerability in JerryScript version 3.0, allows remote malicious users to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.

Vulnerable Product Search on Vulmon Subscribe to Product

jerryscript jerryscript 3.0

Github Repositories

https://github.com/Limesss/CVE-2023-36109

a poc for cve-2023-36109

CVE-2023-36109 a poc for cve-2023-36109 request repo git clone githubcom/jerryscript-project/jerryscriptgit cd jerryscript build python /tools/buildpy --clean --debug --compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer --compile-flag=-fno-common --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off -

References

CWE-120https://github.com/jerryscript-project/jerryscript/issues/5080https://github.com/Limesss/CVE-2023-36109/tree/mainhttps://nvd.nist.govhttps://github.com/Limesss/CVE-2023-36109
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook