A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
CPE | Name | Operator | Version |
---|---|---|---|
jerryscript | eq | 2.1.0 | |
jerryscript | eq | 2.4.0 | |
jerryscript | eq | 2.2.0 | |
jerryscript | eq | 2.0 | |
jerryscript | eq | 2.3.0 |