Vulnerabilities > Moddable
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-20 | CVE-2021-46335 | NULL Pointer Dereference vulnerability in Moddable SDK 11.5.0 Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fx_Function_prototype_hasInstance. | 4.3 |
| 2021-11-19 | CVE-2021-29323 | Out-of-bounds Write vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c. | 4.3 |
| 2021-11-19 | CVE-2021-29324 | Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c. | 6.8 |
| 2021-11-19 | CVE-2021-29325 | Out-of-bounds Write vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c. | 6.8 |
| 2021-11-19 | CVE-2021-29326 | Out-of-bounds Write vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c. | 6.8 |
| 2021-11-19 | CVE-2021-29327 | Out-of-bounds Write vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c. | 6.8 |
| 2021-11-19 | CVE-2021-29328 | Out-of-bounds Read vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c. | 5.8 |
| 2021-11-19 | CVE-2021-29329 | Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0 OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c. | 6.8 |
| 2021-07-13 | CVE-2020-22882 | Type Confusion vulnerability in Moddable Os180328/Os180329 Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. | 5.0 |
| 2020-12-04 | CVE-2020-25465 | NULL Pointer Dereference vulnerability in Moddable Null Pointer Dereference. | 5.0 |