1216 matches found
UBUNTU-CVE-2020-24345
DISPUTED JerryScript through 2.3.0 allows stack consumption via function anew new Proxya,JSON.parse"",a. NOTE: the vendor states that the problem is the lack of the --stack-limit option...
CVE-2020-24344
JerryScript through 2.3.0 has a functiona=argumentsconst arguments buffer over-read...
Buffer overflow
JerryScript through 2.3.0 has a functiona=argumentsconst arguments buffer over-read...
CVE-2020-24344
JerryScript through 2.3.0 has a functiona=argumentsconst arguments buffer over-read...
CVE-2020-24344
JerryScript up to version 2.3.0 is affected by a buffer over-read in a function using a default parameter (function({a=arguments}){const arguments}). The issue is described across multiple sources as a buffer over-read in JerryScript 2.3.0 and earlier. The provided documents do not specify the ex...
CVE-2020-24344
Removed by vendor...
CVE-2020-24345
JerryScript through 2.3.0 allows stack consumption via function anew new Proxya,JSON.parse"",a. NOTE: the vendor states that the problem is the lack of the --stack-limit option...
CVE-2020-24345
CVE-2020-24345 affects JerryScript prior to 2.3.0. The issue allows stack consumption via the pattern: a(){new new Proxy(a,{})}JSON.parse("[]",a), with the vendor stating the root cause is the lack of the --stack-limit option. Impact is primarily stack depletion potentially causing a crash; no ex...
PT-2020-15696 · Jerryscript · Jerryscript
Name of the Vulnerable Software and Affected Versions: JerryScript versions prior to 2.3.0 Description: The issue is related to stack consumption via a function that utilizes new new Proxya, and JSON.parse"",a. The vendor notes that the problem stems from the lack of the --stack-limit option...
JerryScript suffers from a denial of service vulnerability (CNVD-2020-51545)
JerryScript is a lightweight JavaScript engine JerryScript project . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a program crash...
JerryScript suffers from a denial of service vulnerability (CNVD-2020-50747)
JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2020-50749)
JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...
JerryScript suffers from a denial of service vulnerability
JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2020-50748)
JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...
JerryScript Information Disclosure Vulnerability
JerryScript is a lightweight JavaScript engine JerryScript project . A security vulnerability exists in the ecma/operations/ecma-container-object.c file in JerryScript version 2.2.0. No detailed vulnerability details are available at this time...
CVE-2020-14163
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...
CVE-2020-14163
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...
Input validation
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...
CVE-2020-14163
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...
CVE-2020-14163
Removed by vendor...