Vulnerabilities > CVE-2020-24345 - Out-of-bounds Write vulnerability in Jerryscript

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
jerryscript
CWE-787

Summary

JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option

Common Weakness Enumeration (CWE)