Jerryscript: >> Jerryscript >> 3.0 Security Vulnerabilities
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
CVSS Score
9.8
EPSS Score
0.204
Published
2023-09-20
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-05-10
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-12
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-05
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-05