CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-16366

In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/Moddable-OpenSource/moddable/issues/235
https://github.com/Moddable-OpenSource/moddable/issues/235

Products affected by CVE-2019-16366

Moddable » Moddable » Version: os180329

cpe:2.3:a:moddable:moddable:os180329
Moddable » Xs » Version: 9.0.0

cpe:2.3:a:moddable:xs:9.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16366

Products

Pricing

Contact Us