Vulnerabilities > Jerryscript > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2021-41959 | Memory Leak vulnerability in Jerryscript JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak. | 7.5 |
| 2022-01-25 | CVE-2021-44988 | Allocation of Resources Without Limits or Throttling vulnerability in Jerryscript 3.0.0 Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c. | 7.8 |
| 2022-01-21 | CVE-2022-22893 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c. | 7.8 |
| 2022-01-21 | CVE-2022-22894 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c. | 7.8 |
| 2022-01-21 | CVE-2022-22895 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c. | 7.8 |
| 2022-01-20 | CVE-2022-22888 | Out-of-bounds Write vulnerability in Jerryscript 3.0.0 Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c. | 7.8 |
| 2022-01-14 | CVE-2021-46170 | Use After Free vulnerability in Jerryscript 2.3.0 An issue was discovered in JerryScript commit a6ab5e9. | 7.5 |
| 2021-06-10 | CVE-2020-23308 | Reachable Assertion vulnerability in Jerryscript 2.2.0 There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0. | 7.5 |
| 2021-06-10 | CVE-2020-23309 | Reachable Assertion vulnerability in Jerryscript 2.2.0 There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0. | 7.5 |
| 2021-06-10 | CVE-2020-23310 | Reachable Assertion vulnerability in Jerryscript 2.2.0 There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0. | 7.5 |