Vulnerabilities > Jerryscript > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-36201 | Unspecified vulnerability in Jerryscript 3.0.0 An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays. | 7.5 |
| 2023-06-14 | CVE-2023-34867 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c. | 7.5 |
| 2023-06-14 | CVE-2023-34868 | Reachable Assertion vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c. | 7.5 |
| 2023-05-10 | CVE-2023-31906 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c. | 7.8 |
| 2023-05-10 | CVE-2023-31907 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c. | 7.8 |
| 2023-05-10 | CVE-2023-31908 | Out-of-bounds Write vulnerability in Jerryscript 3.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort. | 7.8 |
| 2023-05-10 | CVE-2023-31910 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c. | 7.8 |
| 2022-05-12 | CVE-2021-42863 | Classic Buffer Overflow vulnerability in Jerryscript A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. | 7.5 |
| 2022-04-05 | CVE-2021-41751 | Classic Buffer Overflow vulnerability in Jerryscript Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021. | 7.5 |
| 2022-01-25 | CVE-2021-44988 | Allocation of Resources Without Limits or Throttling vulnerability in Jerryscript 3.0.0 Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c. | 7.8 |