Vulnerabilities for 'Moddable'

2021-11-19
 
CVE-2021-29323

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c.

 
 
CVE-2021-29324

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c.

 
 
CVE-2021-29325

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.

 
 
CVE-2021-29326

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.

 
 
CVE-2021-29327

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.

 
 
CVE-2021-29328

CWE-125
 

 
OpenSource Moddable v10.5.0 was discovered to contain a buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.

 
 
CVE-2021-29329

CWE-787
 

 
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.

 
2021-07-13
 
CVE-2020-22882

CWE-843
 

 
An issue was discovered in the fxParserTree function in Moddable that allows attackers to cause a denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61.

 
2020-12-04
 
CVE-2020-25465

CWE-476
 

 
Null pointer dereference in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV).

 
 
CVE-2020-25464

CWE-787
 

 
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger.

 


Copyright 2024, cxsecurity.com

 
