Vulnerabilities > CVE-2020-25461 - Unspecified vulnerability in Moddable

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

moddable

NVD

Published: 2020-12-04

Updated: 2020-12-04

Summary

Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).

Vulnerable Configurations

Part	Description	Count
Application	Moddable Moddable Moddable Os180328 Moddable Moddable Os180329 Moddable Moddable Os200831 Moddable Moddable Os200903 Moddable Moddable Os200904	5

References

https://github.com/Moddable-OpenSource/moddable/issues/441
https://github.com/Moddable-OpenSource/moddable/releases/tag/OS200908