Vulnerabilities > Jerryscript

DATE CVE VULNERABILITY TITLE RISK
2021-06-10 CVE-2021-26199 Use After Free vulnerability in Jerryscript 2.4.0
An issue was discovered in JerryScript 2.4.0.
4.3
2020-12-09 CVE-2020-29657 Out-of-bounds Read vulnerability in Jerryscript 2.3.0
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
network
low complexity
jerryscript CWE-125
6.4
2020-09-24 CVE-2020-13991 Unspecified vulnerability in Jerryscript 2.2.0
vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.
network
low complexity
jerryscript
5.0
2020-08-13 CVE-2020-24345 Out-of-bounds Write vulnerability in Jerryscript
** DISPUTED ** JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a).
6.8
2020-08-13 CVE-2020-24344 Out-of-bounds Read vulnerability in Jerryscript
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
5.8
2020-06-15 CVE-2020-14163 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jerryscript 2.2.0
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0.
network
low complexity
jerryscript CWE-119
5.0
2020-05-28 CVE-2020-13649 NULL Pointer Dereference vulnerability in Jerryscript 2.2.0
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
network
low complexity
jerryscript CWE-476
5.0
2020-05-27 CVE-2020-13623 Resource Exhaustion vulnerability in Jerryscript 2.2.0
JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
network
low complexity
jerryscript CWE-400
5.0
2020-05-27 CVE-2020-13622 Reachable Assertion vulnerability in Jerryscript 2.2.0
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
network
low complexity
jerryscript CWE-617
5.0
2019-07-25 CVE-2019-1010176 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jerryscript 1.0
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow.
network
low complexity
jerryscript CWE-119
7.5