Vulnerabilities > Jerryscript > Jerryscript > 2.0

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2021-42863 Classic Buffer Overflow vulnerability in Jerryscript
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size.
network
low complexity
jerryscript CWE-120
critical
 9.8
9.8
2022-04-07 CVE-2021-43453 Out-of-bounds Read vulnerability in Jerryscript
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file.
network
low complexity
jerryscript CWE-125
critical
 9.8
9.8
2022-04-05 CVE-2021-41751 Classic Buffer Overflow vulnerability in Jerryscript
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
network
low complexity
jerryscript CWE-120
critical
 9.8
9.8
2022-04-05 CVE-2021-41752 Uncontrolled Recursion vulnerability in Jerryscript
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
network
low complexity
jerryscript CWE-674
critical
 9.8
9.8
2020-08-13 CVE-2020-24345 Out-of-bounds Write vulnerability in Jerryscript
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a).
local
low complexity
jerryscript CWE-787
7.8
7.8
2020-08-13 CVE-2020-24344 Out-of-bounds Read vulnerability in Jerryscript
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
local
low complexity
jerryscript CWE-125
7.1
7.1