VYPR

Jerryscript

by Jerryscript

Source repositories

CVEs (95)

  • CVE-2023-31916May 12, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.

  • CVE-2023-31918May 12, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.

  • CVE-2023-31914May 12, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.

  • CVE-2023-31913May 12, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.

  • CVE-2023-31921May 12, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.

  • CVE-2023-31910May 10, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.

  • CVE-2023-31908May 10, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.

  • CVE-2023-31906May 10, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.

  • CVE-2023-31907May 10, 2023
    risk 0.00cvss epss 0.00

    Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.

  • CVE-2023-30410Apr 24, 2023
    risk 0.00cvss epss 0.00

    Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.

  • CVE-2023-30414Apr 24, 2023
    risk 0.00cvss epss 0.00

    Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.

  • CVE-2023-30406Apr 24, 2023
    risk 0.00cvss epss 0.00

    Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.

  • CVE-2023-30408Apr 24, 2023
    risk 0.00cvss epss 0.00

    Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.

  • CVE-2022-32117Jul 13, 2022
    risk 0.00cvss epss 0.00

    Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.

  • CVE-2021-41683Jun 20, 2022
    risk 0.00cvss epss 0.01

    There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0

  • CVE-2021-41682Jun 20, 2022
    risk 0.00cvss epss 0.01

    There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0

  • CVE-2021-42863May 12, 2022
    risk 0.00cvss epss 0.02

    A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size.

  • CVE-2021-41959May 3, 2022
    risk 0.00cvss epss 0.01

    JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.

  • CVE-2021-43453Apr 7, 2022
    risk 0.00cvss epss 0.01

    A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.

  • CVE-2021-41752Apr 5, 2022
    risk 0.00cvss epss 0.01

    Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.

Page 2 of 5