Vulnerabilities > Moddable

DATE CVE VULNERABILITY TITLE RISK
2020-12-04 CVE-2020-25464 Out-of-bounds Write vulnerability in Moddable Os180328/Os180329/Os200831
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903.
network
low complexity
moddable CWE-787
7.5
2020-12-04 CVE-2020-25463 Unspecified vulnerability in Moddable
Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).
network
low complexity
moddable
7.5
2020-12-04 CVE-2020-25462 Out-of-bounds Write vulnerability in Moddable
Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.
network
low complexity
moddable CWE-787
critical
9.8
2020-12-04 CVE-2020-25461 Unspecified vulnerability in Moddable
Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).
network
low complexity
moddable
7.5
2019-09-16 CVE-2019-16366 Out-of-bounds Write vulnerability in Moddable and XS
In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst.
network
low complexity
moddable CWE-787
critical
9.8