282 matches found
CVE-2024-7652 Type Confusion in Async Generators in Javascript Engine
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...
firefox -- Potential memory corruption and exploitable crash
[email protected] reports: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations
ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...
[SECURITY] Fedora 39 Update: rapidjson-1.1.0-41.fc39
RapidJSON is a fast JSON parser and generator for C++. It was inspired by RapidXml. RapidJSON is small but complete. It supports both SAX and DOM style API. The SAX parser is only a half thousand lines of code. RapidJSON is fast. Its performance can be comparable to strlen. It also optionally...
UBUNTU-CVE-2024-33255
Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMASTRINGISREFEQUALSTOONE stringp in ecmafreestringlist...
CVE-2024-29489
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...
CVE-2024-29489
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...
PT-2024-22923
Name of the Vulnerable Software and Affected Versions Jerryscript version 2.4.0 Description The issue is related to a SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in the ecma get object type function. Recommendations For Jerryscript version 2.4.0, at the moment, there is no information...
CVE-2024-29489
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...
UBUNTU-CVE-2023-36109
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecmastringbuilderappendraw component at /jerry-core/ecma/base/ecma-helpers-string.c...
CVE-2023-36109
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecmastringbuilderappendraw component at /jerry-core/ecma/base/ecma-helpers-string.c...
JerryScript Security Vulnerability
JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version 3.0 that originates from allowing remote attackers to execute arbitrary code via the ecmastringbuilderappendraw component in...
PT-2023-25431 · Unknown · Jerryscript
Name of the Vulnerable Software and Affected Versions: JerryScript version 3.0 Description: The issue allows remote attackers to execute arbitrary code via the ecma stringbuilder append raw component at /jerry-core/ecma/base/ecma-helpers-string.c. This is a Buffer Overflow vulnerability...
CVE-2020-24187
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...
CVE-2020-24187
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...
Null pointer dereference
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...
CVE-2020-24187
JerryScript CVE-2020-24187 affects ecma-helpers.c in jerryscript 2.3.0. The issue allows a local attacker to trigger a denial of service via a Null Pointer Dereference. Documented impact is local DoS; no patch/version remediation details are provided across the connected sources.
CVE-2020-24187
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...
CVE-2020-24187
Removed by vendor...
JerryScript Code Issues Vulnerabilities
JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version 2.3.0, which originated from a vulnerability that allows a local attacker to cause a denial of service DoS via ecma-helpers.c. The vulnerability is caused by the use...