JerryScript has an unspecified vulnerability (CNVD-2022-07241)

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a security vulnerability in JerryScript 3.0.0, which originates in /parser/js/js-parser-expr.cparserparseclassbody. classbody has a failed assertion opts & PARSERCLASSLITERALCTORPRESENT. No detailed vulnerability detai...

JerryScript has an unspecified vulnerability (CNVD-2022-07243)

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a security vulnerability in JerryScript 3.0.0, which stems from an assertion in /jerry-core/parser/js/js-parser-expr.c flags & PARSERPATTERNHASRESTELEMENT fails. No details of the vulnerability are currently provided...

JerryScript has an unspecified vulnerability (CNVD-2022-07240)

JerryScript, a lightweight JavaScript engine from the JerryScript project, is vulnerable in JerryScript 3.0.0, which originates in /base/ecma-helpers.cecmagetlexenvtype An assertion ecmaislexicalenvironment objectp fails at /base/ecma-helpers.c ecmagetlexenvtype. No detailed vulnerability details...

JerryScript js-scanner-util.c denial-of-service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/parser/js/js-scanner-util.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-literal-storage.c denial of service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/base/ecma-literal-storage.c. case, an attacker could use this vulnerability to launch a denial of service...

JerryScript js-parser-expr.c denial-of-service vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial of service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/parser/js/js-parser-expr.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-helpers-value.c denial-of-service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/base/ecma-helpers-value.c , an attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-helpers-string.c Denial of Service Vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /base/ecma-helpers-string.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-objects.c denial of service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/operations/ecma-objects.c , an attacker could use this vulnerability to launch a denial of service...

Jerryscript stack buffer overflow vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project. jerryscript has a stack buffer overflow vulnerability in version 3.0.0, which stems from vmloop.ltopriv.304 in /jerry-core/vm/vm.c when handling untrusted input with a boundary error. An attacker could exploit this...

JerryScript lit-strings.c denial-of-service vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/lit/lit-strings.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-helpers.c denial of service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/base/ecma-helpers.c. An attacker could exploit this vulnerability to launch a denial of service...

Microsoft ChakraCore 安全漏洞

Microsoft ChakraCore is the core part of an open source Chakra JavaScript scripting engine used in the Edge browser by Microsoft USA and can also be used as a standalone JavaScript engine. The vulnerability stems from an assertion pFuncBody-GetYieldRegister == oldYieldRegister failure in...

JerryScript 安全漏洞

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a security vulnerability in JerryScript 3.0.0, which stems from /parser/js/js-scanner.cscannerscan statementend has an assertion contextp-stacktopuint8 == SCANSTACKTRYSTATEMENT || contextp-stacktopuint8 ==...

JerryScript 安全漏洞

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/lit/lit-strings.c. An attacker could use this vulnerability to launch a denial of service...

CVE-2022-22752

Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...

CVE-2022-22747

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22738

Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22743

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22742

When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...