CVE-2020-23303

There is a heap-buffer-overflow at jmem-poolman.c:165 in jmempoolscollectempty in JerryScript 2.2.0...

CVE-2020-23302

Removed by vendor...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

Input validation

An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...

CVE-2020-14163

Removed by vendor...

CVE-2020-14163

An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...

CVE-2020-13649

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scannerreverseinfolist NULL pointer dereference and a scannerscanall assertion failure...

CVE-2020-13622

JerryScript 2.2.0 allows attackers to cause a denial of service assertion failure because a property key query for a Proxy object returns unintended data...

CVE-2020-13623

JerryScript 2.2.0 allows attackers to cause a denial of service stack consumption via a proxy operation...

CVE-2020-13622

JerryScript 2.2.0 allows attackers to cause a denial of service assertion failure because a property key query for a Proxy object returns unintended data...

Design/Logic Flaw

JerryScript 2.2.0 allows attackers to cause a denial of service stack consumption via a proxy operation...

Design/Logic Flaw

JerryScript 2.2.0 allows attackers to cause a denial of service assertion failure because a property key query for a Proxy object returns unintended data...

CVE-2020-13623

JerryScript 2.2.0 allows attackers to cause a denial of service stack consumption via a proxy operation...

CVE-2020-13623

CVE-2020-13623 affects JerryScript 2.2.0. An attacker can cause a denial of service (stack consumption) via a proxy operation. The issue is documented across multiple feeds (NVD, Red Hat, Ubuntu, OSV, etc.). Exploitation details are not provided in the initial or connected documents, and remediat...