CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2024/04/26 3:15 p.m.•5 views

CVE-2024-33260

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

5.1CVSS7.2AI score

UbuntuCve•added 2024/04/26 3:15 p.m.•12 views

CVE-2024-33260

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

5.1CVSS5.8AI score0.00064EPSS

Cvelist•added 2024/04/26 12:0 a.m.•11 views

CVE-2024-33260

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

7.2AI score0.00064EPSS

NVD•added 2023/06/14 4:15 p.m.•16 views

CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

7.5CVSS7.5AI score0.0011EPSS

CVE•added 2023/06/14 12:0 a.m.•40 views

CVE-2023-34868

CVE-2023-34868 affects JerryScript 3.0 (commit 05dbbd1). The issue is an Assertion Failure in the parser: parser_parse_for_statement_start (jerry-core/parser/js/js-parser-statm.c). Impact per sources indicates high-severity with availability impact; no confidentiality/integrity impact indicated. ...

7.5CVSS7.5AI score0.0011EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/06/14 12:0 a.m.•14 views

CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

7.7AI score0.0011EPSS

NVD•added 2023/05/12 2:15 p.m.•15 views

CVE-2023-31913

Jerryscript 3.0 commit 1a2c047 was discovered to contain an Assertion Failure via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

5.5CVSS5.5AI score0.00136EPSS

Cvelist•added 2023/05/12 12:0 a.m.•16 views

CVE-2023-31913

Jerryscript 3.0 commit 1a2c047 was discovered to contain an Assertion Failure via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

5.7AI score0.00136EPSS

Cvelist•added 2023/05/10 12:0 a.m.•19 views

CVE-2023-31910

Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component parserparsefunctionstatement at /jerry-core/parser/js/js-parser-statm.c...

7.8AI score0.00136EPSS

OSV•added 2022/06/27 12:1 a.m.•11 views

OSV-2022-514 Heap-use-after-free in AK::HashTable<AK::StringView, AK::Traits<AK::StringView>, false>::try_lookup_for

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48405 Crash type: Heap-use-after-free READ 2 Crash state: AK::HashTable, false::trylookupfor JS::Parser::isprivateidentifiervalid JS::Parser::parseprimaryexpression...

7.2AI score

Cvelist•added 2022/04/07 8:23 p.m.•19 views

CVE-2021-43453

A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parserparseforstatementstart in the js-parser-statm.c file. This issue is similar to CVE-2020-29657...

9.3AI score0.00377EPSS

Debian CVE•added 2022/04/07 8:23 p.m.•47 views

CVE-2021-43453

Removed by vendor...

9.8CVSS9.2AI score0.00377EPSS

Exploits1

CNNVD•added 2022/04/07 12:0 a.m.•1 views

JerryScript 缓冲区错误漏洞

JerryScript is a lightweight JavaScript engine from the Jerryscript project. JerryScript 2.4.0 suffers from a buffer error vulnerability that originates from an out-of-bounds read via parserparseforstatementstart in the js-parser-statm.c file...

9.8CVSS8.5AI score0.00377EPSS

CNVD•added 2022/01/23 12:0 a.m.•19 views

JerryScript /js-parser-mem.c Denial of Service Vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /parser/js/js-parser-mem.c. An attacker could use this vulnerability to launch a denial of service...

5.5CVSS3AI score0.00138EPSS

OSV•added 2022/01/20 10:15 p.m.•4 views

CVE-2021-46337

There is an Assertion 'pagep != NULL' failed at /parser/js/js-parser-mem.cparserlistget in JerryScript 3.0.0...

5.5CVSS6.8AI score

CVE•added 2022/01/20 9:14 p.m.•45 views

CVE-2021-46343

CVE-2021-46343 affects JerryScript 3.0.0. The vulnerability is a denial-of-service caused by an assertion failure: Failure: assertion 'context_p->token.type == LEXER_LITERAL' in /jerry-core/parser/js/js-parser-expr.c. Impact: reported as DoS; no further exploit/vector details are provided in t...

5.5CVSS5.5AI score0.00138EPSS

Exploits1References1Affected Software1

CNNVD•added 2022/01/20 12:0 a.m.•2 views

JerryScript 安全漏洞

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a security vulnerability in JerryScript 3.0.0, which stems from an assertion in /jerry-core/parser/js/js-parser-expr.c flags & PARSERPATTERNHASRESTELEMENT fails. No details of the vulnerability are currently provided...

5.5CVSS5.5AI score0.00138EPSS

CNVD•added 2021/06/12 12:0 a.m.•7 views

Unspecified Vulnerability in JerryScript (CNVD-2021-42996)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in JerryScript version 2.2.0 in js-parser.c:2185 in parserparsesource. No details of the vulnerability are provided at this time...

7.5CVSS6.7AI score0.00303EPSS

OSV•added 2021/06/10 11:15 p.m.•18 views

CVE-2020-23312

There is an Assertion 'context.statusflags & PARSERSCANNINGSUCCESSFUL' failed at js-parser.c:2185 in parserparsesource in JerryScript 2.2.0...

7.5CVSS6.9AI score