Vulnerabilities > Jerryscript

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-26	CVE-2017-14749	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jerryscript 1.0 JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data. network jerryscript CWE-119	6.8
2017-05-28	CVE-2017-9250	NULL Pointer Dereference vulnerability in Jerryscript 1.0 The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function. network low complexity jerryscript CWE-476	5.0

Vulnerabilities > Jerryscript {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jerryscript"}]}