Vulnerabilities > Jerryscript

DATE CVE VULNERABILITY TITLE RISK
2018-05-24 CVE-2018-11418 Out-of-bounds Read vulnerability in Jerryscript 1.0
An issue was discovered in JerryScript 1.0.
network
low complexity
jerryscript CWE-125
7.5
2018-05-24 CVE-2018-11419 Out-of-bounds Read vulnerability in Jerryscript 1.0
An issue was discovered in JerryScript 1.0.
network
low complexity
jerryscript CWE-125
7.5
2018-03-01 CVE-2017-18212 Out-of-bounds Read vulnerability in Jerryscript 1.0
An issue was discovered in JerryScript 1.0.
network
low complexity
jerryscript CWE-125
7.5
2017-09-26 CVE-2017-14749 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jerryscript 1.0
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data.
6.8
2017-05-28 CVE-2017-9250 NULL Pointer Dereference vulnerability in Jerryscript 1.0
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function.
network
low complexity
jerryscript CWE-476
5.0