Jerryscript
By the Year
In 2024 there have been 0 vulnerabilities in Jerryscript . Last year Jerryscript had 22 security vulnerabilities published. Right now, Jerryscript is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 22 | 6.78 |
2022 | 36 | 6.60 |
2021 | 20 | 7.94 |
2020 | 5 | 7.80 |
2019 | 1 | 9.80 |
2018 | 3 | 8.70 |
It may take a day or so for new Jerryscript vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jerryscript Security Vulnerabilities
Buffer Overflow vulnerability in JerryScript version 3.0
CVE-2023-36109
9.8 - Critical
- September 20, 2023
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
Classic Buffer Overflow
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0
CVE-2023-38961
9.8 - Critical
- August 21, 2023
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.
Memory Corruption
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0
CVE-2020-24187
5.5 - Medium
- August 11, 2023
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
NULL Pointer Dereference
An issue in JerryscriptProject jerryscript v.3.0.0
CVE-2023-36201
7.5 - High
- July 07, 2023
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays.
An issue in Jerrscript- project Jerryscrip v
CVE-2020-22597
9.8 - Critical
- July 03, 2023
An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter.
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure
CVE-2023-34867
7.5 - High
- June 14, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure
CVE-2023-34868
7.5 - High
- June 14, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
assertion failure
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure
CVE-2023-31916
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure
CVE-2023-31921
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure
CVE-2023-31920
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure
CVE-2023-31919
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.
assertion failure
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure
CVE-2023-31918
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
CVE-2023-31914
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure
CVE-2023-31913
5.5 - Medium
- May 12, 2023
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
assertion failure
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow
CVE-2023-31908
7.8 - High
- May 10, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
Memory Corruption
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow
CVE-2023-31910
7.8 - High
- May 10, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
Memory Corruption
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow
CVE-2023-31906
7.8 - High
- May 10, 2023
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.
Memory Corruption
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow
CVE-2023-31907
7.8 - High
- May 10, 2023
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
Memory Corruption
Jerryscript commit 1a2c047 was discovered to contain a stack overflow
CVE-2023-30414
5.5 - Medium
- April 24, 2023
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
Memory Corruption
Jerryscript commit 1a2c047 was discovered to contain a stack overflow
CVE-2023-30410
5.5 - Medium
- April 24, 2023
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
Memory Corruption
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation
CVE-2023-30406
5.5 - Medium
- April 24, 2023
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.
Resource Exhaustion
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation
CVE-2023-30408
5.5 - Medium
- April 24, 2023
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.
Resource Exhaustion
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow
CVE-2022-32117
7.8 - High
- July 13, 2022
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
Memory Corruption
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0
CVE-2021-41682
7.8 - High
- June 20, 2022
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0
Dangling pointer
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
CVE-2021-41683
7.8 - High
- June 20, 2022
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
Memory Corruption
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0
CVE-2021-42863
9.8 - Critical
- May 12, 2022
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size.
Classic Buffer Overflow
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory
CVE-2021-41959
7.5 - High
- May 03, 2022
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.
Memory Leak
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions
CVE-2021-43453
9.8 - Critical
- April 07, 2022
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
Out-of-bounds Read
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20
CVE-2021-41751
9.8 - Critical
- April 05, 2022
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
Classic Buffer Overflow
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20
CVE-2021-41752
9.8 - Critical
- April 05, 2022
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
Stack Exhaustion
There is an Assertion in 'context_p->next_s
CVE-2022-22901
5.5 - Medium
- February 17, 2022
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.
assertion failure
Jerryscript v3.0.0 and below was discovered to contain a stack overflow
CVE-2021-44988
7.8 - High
- January 25, 2022
Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.
Allocation of Resources Without Limits or Throttling
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.
CVE-2021-44994
5.5 - Medium
- January 25, 2022
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.
assertion failure
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.
CVE-2021-44993
5.5 - Medium
- January 25, 2022
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.
assertion failure
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.
CVE-2021-44992
5.5 - Medium
- January 25, 2022
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.
Buffer Overflow
Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability
CVE-2022-22891
5.5 - Medium
- January 21, 2022
Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0.
CVE-2022-22892
5.5 - Medium
- January 21, 2022
There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0.
assertion failure
Jerryscript 3.0.0 was discovered to contain a stack overflow
CVE-2022-22893
7.8 - High
- January 21, 2022
Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
Memory Corruption
Jerryscript 3.0.0 was discovered to contain a stack overflow
CVE-2022-22894
7.8 - High
- January 21, 2022
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
Memory Corruption
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow
CVE-2022-22895
7.8 - High
- January 21, 2022
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.
Memory Corruption
Jerryscript 3.0.0 was discovered to contain a stack overflow
CVE-2022-22888
7.8 - High
- January 20, 2022
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
Memory Corruption
There is an Assertion 'arguments_type != S
CVE-2022-22890
5.5 - Medium
- January 20, 2022
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0.
assertion failure
There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0.
CVE-2021-46337
5.5 - Medium
- January 20, 2022
There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0.
assertion failure
There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0.
CVE-2021-46336
5.5 - Medium
- January 20, 2022
There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0.
assertion failure
There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.
CVE-2021-46338
5.5 - Medium
- January 20, 2022
There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.
assertion failure
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
CVE-2021-46351
5.5 - Medium
- January 20, 2022
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
assertion failure
There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript 3.0.0.
CVE-2021-46350
5.5 - Medium
- January 20, 2022
There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0.
CVE-2021-46349
5.5 - Medium
- January 20, 2022
There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0.
CVE-2021-46348
5.5 - Medium
- January 20, 2022
There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0.
CVE-2021-46347
5.5 - Medium
- January 20, 2022
There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
CVE-2021-46346
5.5 - Medium
- January 20, 2022
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
assertion failure
There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0.
CVE-2021-46344
5.5 - Medium
- January 20, 2022
There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0.
CVE-2021-46343
5.5 - Medium
- January 20, 2022
There is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript 3.0.0.
CVE-2021-46342
5.5 - Medium
- January 20, 2022
There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript 3.0.0.
assertion failure
There is an Assertion 'context_p->stack_top_uint8 == S
CVE-2021-46340
5.5 - Medium
- January 20, 2022
There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p->stack_top_uint8 == SCAN_STACK_CATCH_STATEMENT' failed at /parser/js/js-scanner.c(scanner_scan_statement_end) in JerryScript 3.0.0.
assertion failure
There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_
CVE-2021-46339
5.5 - Medium
- January 20, 2022
There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript 3.0.0.
assertion failure
There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript 3.0.0.
CVE-2021-46345
5.5 - Medium
- January 20, 2022
There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript 3.0.0.
assertion failure
An issue was discovered in JerryScript commit a6ab5e9
CVE-2021-46170
7.5 - High
- January 14, 2022
An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.
Dangling pointer
There is an Assertion 'context_p->next_s
CVE-2020-23310
7.5 - High
- June 10, 2021
There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0.
assertion failure
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_
CVE-2020-23321
9.8 - Critical
- June 10, 2021
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.
Memory Corruption
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
CVE-2020-23323
9.8 - Critical
- June 10, 2021
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
Memory Corruption
An issue was discovered in JerryScript 2.4.0
CVE-2021-26194
6.5 - Medium
- June 10, 2021
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
Dangling pointer
An issue was discovered in JerryScript 2.4.0
CVE-2021-26195
8.8 - High
- June 10, 2021
An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file.
Memory Corruption
An issue was discovered in JerryScript 2.4.0
CVE-2021-26197
6.5 - Medium
- June 10, 2021
An issue was discovered in JerryScript 2.4.0. There is a SEGV in main_print_unhandled_exception in main-utils.c file.
Improper Check for Unusual or Exceptional Conditions
An issue was discovered in JerryScript 2.4.0
CVE-2021-26198
6.5 - Medium
- June 10, 2021
An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.
An issue was discovered in JerryScript 2.4.0
CVE-2021-26199
6.5 - Medium
- June 10, 2021
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
Dangling pointer
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
CVE-2020-23302
9.8 - Critical
- June 10, 2021
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
Dangling pointer
There is an Assertion in 'context_p->next_s
CVE-2020-23320
7.5 - High
- June 10, 2021
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' in parser_parse_function_arguments in JerryScript 2.2.0.
assertion failure
There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.
CVE-2020-23303
9.8 - Critical
- June 10, 2021
There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.
Memory Corruption
There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0.
CVE-2020-23308
7.5 - High
- June 10, 2021
There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0.
assertion failure
There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' failed at js-parser-expr.c:3230 in parser_parse_object_initializer in JerryScript 2.2.0.
CVE-2020-23311
7.5 - High
- June 10, 2021
There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' failed at js-parser-expr.c:3230 in parser_parse_object_initializer in JerryScript 2.2.0.
assertion failure
There is an Assertion 'context.status_flags & PARSER_S
CVE-2020-23312
7.5 - High
- June 10, 2021
There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.
assertion failure
There is an Assertion 'scope_stack_p > context_p->scope_stack_p' failed at js-s
CVE-2020-23313
7.5 - High
- June 10, 2021
There is an Assertion 'scope_stack_p > context_p->scope_stack_p' failed at js-scanner-util.c:2510 in scanner_literal_is_created in JerryScript 2.2.0
assertion failure
There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end in JerryScript 2.2.0.
CVE-2020-23314
7.5 - High
- June 10, 2021
There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end in JerryScript 2.2.0.
assertion failure
There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_ADJUST_BASE - (flags >> CBC_STACK_ADJUST_SHIFT)) <= context_p->stack_depth' in parser_emit_cbc_backward_branch in JerryScript 2.2.0.
CVE-2020-23319
7.5 - High
- June 10, 2021
There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_ADJUST_BASE - (flags >> CBC_STACK_ADJUST_SHIFT)) <= context_p->stack_depth' in parser_emit_cbc_backward_branch in JerryScript 2.2.0.
assertion failure
There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.
CVE-2020-23322
7.5 - High
- June 10, 2021
There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.
assertion failure
There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.
CVE-2020-23306
9.8 - Critical
- June 10, 2021
There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.
Memory Corruption
There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0.
CVE-2020-23309
7.5 - High
- June 10, 2021
There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0.
assertion failure
In JerryScript 2.3.0
CVE-2020-29657
9.1 - Critical
- December 09, 2020
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
Out-of-bounds Read
vm/opcodes.c in JerryScript 2.2.0
CVE-2020-13991
7.5 - High
- September 24, 2020
vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a)
CVE-2020-24345
7.8 - High
- August 13, 2020
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
Memory Corruption
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
CVE-2020-24344
7.1 - High
- August 13, 2020
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
Out-of-bounds Read
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0
CVE-2020-14163
7.5 - High
- June 15, 2020
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in ecma_gc_set_object_visited in ecma/base/ecma-gc.c.
Buffer Overflow
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow
CVE-2019-1010176
9.8 - Critical
- July 25, 2019
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is: executing crafted javascript code. The fixed version is: after commit 505dace719aebb3308a3af223cfaa985159efae0.
Buffer Overflow
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793
CVE-2018-1000636
6.5 - Medium
- August 20, 2018
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been present since commit 64a340ffeb8809b2b66bbe32fd443a8b79fdd860 contains a CWE-476: NULL Pointer Dereference vulnerability in Triggering undefined behavior at jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-prototype.c:598 (passing NULL to memcpy as 2nd argument) results in null pointer dereference (segfault) at jerry-core/jmem/jmem-heap.c:463 that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute specially crafted javascript code. This vulnerability appears to have been fixed in after commit 87897849f6879df10e8ad68a41bf8cf507edf710.
NULL Pointer Dereference
An issue was discovered in JerryScript 1.0
CVE-2018-11418
9.8 - Critical
- May 24, 2018
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Out-of-bounds Read
An issue was discovered in JerryScript 1.0
CVE-2018-11419
9.8 - Critical
- May 24, 2018
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jerryscript or by Jerryscript? Click the Watch button to subscribe.