VYPR

Jsish

by Jsish

Source repositories

CVEs (53)

  • CVE-2021-46485MedJan 27, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46484MedJan 27, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46481MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c.

  • CVE-2021-46480MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46478MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46477MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46475MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46474MedJan 25, 2022
    risk 0.36cvss 5.5epss 0.01

    Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2019-1010162MedJul 23, 2019
    risk 0.36cvss 5.5epss 0.01

    jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. The impact is: denial of service. The component is: function Jsi_StrcmpDict (jsiChar.c:121). The attack vector is: The victim must execute crafted javascript code. The fixed version is: 2.4.77.

  • CVE-2025-65570Dec 29, 2025
    risk 0.00cvss epss 0.00

    A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array…

  • CVE-2020-22875CriJul 13, 2021
    risk 0.00cvss 9.8epss 0.03

    Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.

  • CVE-2020-22874CriJul 13, 2021
    risk 0.00cvss 9.8epss 0.03

    Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.

  • CVE-2020-22873CriJul 13, 2021
    risk 0.00cvss 9.8epss 0.02

    Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.

Page 3 of 3