RSS   Vulnerabilities for 'Jerryscript'   RSS

2022-06-20
 
CVE-2021-41682

CWE-416
 

 
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0

 
 
CVE-2021-41683

CWE-787
 

 
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0

 
2022-05-03
 
CVE-2021-41959

CWE-401
 

 
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak.

 
2022-04-07
 
CVE-2021-43453

CWE-787
 

 
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.

 
2022-01-25
 
CVE-2021-44988

CWE-787
 

 
Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.

 
 
CVE-2021-44992

CWE-119
 

 
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.

 
 
CVE-2021-44993

CWE-617
 

 
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.

 
 
CVE-2021-44994

CWE-617
 

 
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.

 
2022-01-20
 
CVE-2022-22888

CWE-787
 

 
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.

 
 
CVE-2022-22890

CWE-617
 

 
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0.

 


Copyright 2022, cxsecurity.com

 

Back to Top