Vulnerability Details CVE-2021-43453
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-43453
-
cpe:2.3:a:jerryscript:jerryscript:-
-
cpe:2.3:a:jerryscript:jerryscript:1.0
-
cpe:2.3:a:jerryscript:jerryscript:2.0
-
cpe:2.3:a:jerryscript:jerryscript:2.1.0
-
cpe:2.3:a:jerryscript:jerryscript:2.2.0
-
cpe:2.3:a:jerryscript:jerryscript:2.3.0
-
cpe:2.3:a:jerryscript:jerryscript:2.4.0