CVE-2024-43367

Boa is an embeddable and experimental Javascript engine written in Rust. Starting in version 0.16 and prior to version 0.19.0, a wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Boa's implementation of AsyncGenerator...

Boa (>=0.13.0 <=0.13.1), arci-urdf-viz (>=0.0.7 <=0.1.0) +89 more potentially affected by unknown CVE via fast-float (=0.2.0)

fast-float CARGO version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on fast-float and may be impacted: - Boa =0.13.0, =0.0.7, =0.1.0, =0.1.0, =0.1.2, =0.1.0, =0.19.0, =0.3.0, =0.4.1, =0.6.2, =0.3.2, =0.4.1, =0.3.2, =0.20.2 and more Source cves...

boa_cli (=0.16.0), click_and_load (=0.2.0) +1 more potentially affected by CVE-2024-43357 +1 more via boa_engine (=0.16.0)

boaengine CARGO version =0.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on boaengine and may be impacted: - boacli =0.16.0 - clickandload =0.2.0 - zippyst =5.0.0 Source cves: CVE-2024-43357, CVE-2024-43367 Source advisory: OSV:GHSA-F67Q-WR6W-23JQ...

boa_cli (=0.16.0), click_and_load (=0.2.0) +1 more potentially affected by CVE-2024-43357 +1 more via boa_engine (=0.16.0)

boaengine CARGO version =0.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on boaengine and may be impacted: - boacli =0.16.0 - clickandload =0.2.0 - zippyst =5.0.0 Source cves: CVE-2024-43357, CVE-2024-43367 Source advisory: OSV:RUSTSEC-2024-0444...