Vulnerabilities > Jerryscript

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-36109 Classic Buffer Overflow vulnerability in Jerryscript 3.0
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
network
low complexity
jerryscript CWE-120
critical
9.8
2023-08-21 CVE-2023-38961 Out-of-bounds Write vulnerability in Jerryscript 3.0.0
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.
network
low complexity
jerryscript CWE-787
critical
9.8
2023-08-11 CVE-2020-24187 NULL Pointer Dereference vulnerability in Jerryscript 2.3.0
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
local
low complexity
jerryscript CWE-476
5.5
2023-07-07 CVE-2023-36201 Unspecified vulnerability in Jerryscript 3.0.0
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays.
network
low complexity
jerryscript
7.5
2023-07-03 CVE-2020-22597 Unspecified vulnerability in Jerryscript 2.3.0
An issue in Jerrscript- project Jerryscrip v.
network
low complexity
jerryscript
critical
9.8
2023-06-14 CVE-2023-34867 Reachable Assertion vulnerability in Jerryscript 3.0.0
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
network
low complexity
jerryscript CWE-617
7.5
2023-06-14 CVE-2023-34868 Reachable Assertion vulnerability in Jerryscript 3.0.0
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
network
low complexity
jerryscript CWE-617
7.5
2023-05-12 CVE-2023-31913 Reachable Assertion vulnerability in Jerryscript 3.0.0
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
local
low complexity
jerryscript CWE-617
5.5
2023-05-12 CVE-2023-31914 Unspecified vulnerability in Jerryscript 3.0.0
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
local
low complexity
jerryscript
5.5
2023-05-12 CVE-2023-31916 Reachable Assertion vulnerability in Jerryscript 3.0.0
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.
local
low complexity
jerryscript CWE-617
5.5