Vulnerabilities > Jerryscript
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-20 | CVE-2023-36109 | Classic Buffer Overflow vulnerability in Jerryscript 3.0 Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c. | 9.8 |
2023-08-21 | CVE-2023-38961 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c. | 9.8 |
2023-08-11 | CVE-2020-24187 | NULL Pointer Dereference vulnerability in Jerryscript 2.3.0 An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | 5.5 |
2023-07-07 | CVE-2023-36201 | Unspecified vulnerability in Jerryscript 3.0.0 An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays. | 7.5 |
2023-07-03 | CVE-2020-22597 | Unspecified vulnerability in Jerryscript 2.3.0 An issue in Jerrscript- project Jerryscrip v. | 9.8 |
2023-06-14 | CVE-2023-34867 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c. | 7.5 |
2023-06-14 | CVE-2023-34868 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c. | 7.5 |
2023-05-12 | CVE-2023-31913 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | 5.5 |
2023-05-12 | CVE-2023-31914 | Unspecified vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. | 5.5 |
2023-05-12 | CVE-2023-31916 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | 5.5 |