CVE-2023-30406

Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecmafindnamedproperty at /base/ecma-helpers.c...

UBUNTU-CVE-2023-30406

Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecmafindnamedproperty at /base/ecma-helpers.c...

PT-2023-22677 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 1a2c047 Description: A segmentation violation was discovered in Jerryscript via the component ecma find named property at /base/ecma-helpers.c. Recommendations: For Jerryscript version 1a2c047, consider avoiding the use of...

SUSE CVE-2015-1216

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact...

PT-2022-12281 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript versions 3.0.0 and below Description: A stack overflow issue was discovered in Jerryscript via the ecma find named property function in ecma-helpers.c. Recommendations: For Jerryscript versions 3.0.0 and below, consider restrictin...

Apple Webkit Named Property UXSS

Apple Webkit: UXSS by accessing a named property from an unloaded window CVE-2017-2367 The frame is not detached from an unloaded window. We can access to the new document's named properties via the following function. static bool...

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window

Exploit for multiple platform in category web applications document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if...

Apple Webkit: UXSS by accessing a named property from an unloaded window (CVE-2017-2367)

The frame is not detached from an unloaded window. We can access to the new document's named properties via the following function. static bool jsDOMWindowPropertiesGetOwnPropertySlotNamedItemGetterJSDOMWindowProperties thisObject, Frame& frame, ExecState exec, PropertyName propertyName,...

chromium-browser: Use-after-free in v8 bindings

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact...