Vulnerabilities > Moddable

DATE CVE VULNERABILITY TITLE RISK
2022-01-20 CVE-2021-46335 NULL Pointer Dereference vulnerability in Moddable SDK 11.5.0
Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fx_Function_prototype_hasInstance.
local
low complexity
moddable CWE-476
5.5
2021-11-19 CVE-2021-29323 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c.
local
low complexity
moddable CWE-787
5.5
2021-11-19 CVE-2021-29324 Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c.
local
low complexity
moddable CWE-770
7.8
2021-11-19 CVE-2021-29325 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.
local
low complexity
moddable CWE-787
7.8
2021-11-19 CVE-2021-29326 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.
local
low complexity
moddable CWE-787
7.8
2021-11-19 CVE-2021-29327 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.
local
low complexity
moddable CWE-787
7.8
2021-11-19 CVE-2021-29328 Out-of-bounds Read vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.
local
low complexity
moddable CWE-125
7.1
2021-11-19 CVE-2021-29329 Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.
local
low complexity
moddable CWE-770
7.8
2021-07-13 CVE-2020-22882 Type Confusion vulnerability in Moddable Os180328/Os180329
Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload.
network
low complexity
moddable CWE-843
7.5
2020-12-04 CVE-2020-25465 NULL Pointer Dereference vulnerability in Moddable
Null Pointer Dereference.
network
low complexity
moddable CWE-476
7.5