CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

JerryScript suffers from a denial of service vulnerability (CNVD-2020-50747)

JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2020-50749)

JerryScript suffers from a denial of service vulnerability

JerryScript suffers from a denial of service vulnerability (CNVD-2020-50748)

CNVD•added 2020/06/16 12:0 a.m.•8 views

JerryScript Information Disclosure Vulnerability

JerryScript is a lightweight JavaScript engine JerryScript project . A security vulnerability exists in the ecma/operations/ecma-container-object.c file in JerryScript version 2.2.0. No detailed vulnerability details are available at this time...

7.5CVSS6.7AI score0.00399EPSS

Exploits0References1

OSV•added 2020/06/15 9:15 p.m.•13 views

CVE-2020-14163

An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in...

7.5CVSS6.5AI score

Exploits0References2

NVD•added 2020/06/15 9:15 p.m.•17 views

CVE-2020-14163

7.5CVSS0.00399EPSS

Exploits0References2

Prion•added 2020/06/15 9:15 p.m.•21 views

Input validation

5CVSS7.3AI score0.00399EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2020/06/15 9:15 p.m.•16 views

CVE-2020-14163

7.5CVSS7.2AI score0.00399EPSS

Debian CVE•added 2020/06/15 8:14 p.m.•31 views

CVE-2020-14163

Removed by vendor...

7.5CVSS7.8AI score0.00399EPSS

Cvelist•added 2020/06/15 8:14 p.m.•18 views

CVE-2020-14163

7.4AI score0.00399EPSS

Exploits0References2

CVE•added 2020/06/15 8:14 p.m.•69 views

CVE-2020-14163

CVE-2020-14163 affects JerryScript 2.2.0. The vulnerability is a race that can cause memory corruption when handling key/value pairs: if garbage collection is triggered after the key operation but before the value operation, improper read access can occur in ecma_gc_set_object_visited (ecma/base/...

7.5CVSS7.3AI score0.00399EPSS

Exploits0References2Affected Software1

CNVD•added 2020/05/29 12:0 a.m.•1 views

JerryScript Code Problem Vulnerability

JerryScript is a lightweight JavaScript engine . A code issue vulnerability exists in the parser/js/js-scanner.c file in JerryScript version 2.2.0. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No detailed...

7.5CVSS7.2AI score0.00401EPSS

Exploits0References1

NVD•added 2020/05/28 3:15 p.m.•14 views

CVE-2020-13649

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scannerreverseinfolist NULL pointer dereference and a scannerscanall assertion failure...

7.5CVSS7.5AI score0.00401EPSS

OSV•added 2020/05/28 3:15 p.m.•15 views

CVE-2020-13649

7.5CVSS6.8AI score

UbuntuCve•added 2020/05/28 3:15 p.m.•37 views

CVE-2020-13649

7.5CVSS7.1AI score0.00401EPSS

Exploits0References4

OSV•added 2020/05/28 3:15 p.m.•1 views

UBUNTU-CVE-2020-13649

7.5CVSS7.1AI score0.00401EPSS

Exploits0References5

CVE•added 2020/05/28 2:13 p.m.•123 views

CVE-2020-13649

The CVE-2020-13649 entry refers to JerryScript 2.2.0, specifically the parser/js/js-scanner.c component. The described vulnerability arises from mishandling errors during certain out-of-memory conditions, demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all ...

7.5CVSS7.5AI score0.00401EPSS

Exploits0References3Affected Software1

Cvelist•added 2020/05/28 2:13 p.m.•21 views

CVE-2020-13649

7.6AI score0.00401EPSS

Debian CVE•added 2020/05/28 2:13 p.m.•21 views

CVE-2020-13649

Removed by vendor...

7.5CVSS7.8AI score0.00401EPSS