📦 Jerryscript
by Jerryscript
🔍 What is Jerryscript?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A buffer overflow vulnerability in JerryScript 3.0's ecma_stringbuilder_append_raw component allows remote attackers to execute arbitrary code. This affects systems running vulnerable versions of Jerr...
A buffer overflow vulnerability in JerryScript v3.0.0 allows remote attackers to execute arbitrary code by exploiting the scanner_is_context_needed component. This affects systems running vulnerable v...
A heap-based buffer overflow vulnerability in JerryScript 2.4.0 and earlier allows attackers to execute arbitrary code or cause denial of service via specially crafted JavaScript code. This affects an...
This is a critical buffer overflow vulnerability in JerryScript's array slice function that allows remote code execution. It affects systems running vulnerable versions of JerryScript, a lightweight J...
This is a critical heap buffer overflow vulnerability in JerryScript's UTF-8 string parsing code. Attackers can exploit this to execute arbitrary code or crash applications using the vulnerable JavaSc...
CVE-2020-23323 is a critical heap buffer overflow vulnerability in JerryScript's regular expression parser that allows remote code execution. Attackers can exploit this by providing specially crafted ...
This is a critical heap-use-after-free vulnerability in JerryScript's string handling that allows memory corruption. Attackers can exploit this to execute arbitrary code or cause denial of service. An...
CVE-2020-23306 is a critical stack-based buffer overflow vulnerability in JerryScript's regular expression engine that allows remote code execution. Attackers can exploit this by providing specially c...
CVE-2020-29657 is an out-of-bounds read vulnerability in JerryScript 2.3.0's main-utils.c file that could allow attackers to read sensitive memory contents or cause denial of service. This affects sys...
CVE-2024-33258 is a memory corruption vulnerability in JerryScript's JavaScript engine that allows attackers to cause segmentation faults via specially crafted scripts. This affects any application or...
CVE-2023-34868 is an assertion failure vulnerability in Jerryscript's parser that can cause denial of service through application crashes. It affects systems running Jerryscript 3.0 with the vulnerabl...
CVE-2023-31907 is a heap buffer overflow vulnerability in Jerryscript 3.0.0's scanner_literal_is_created function that could allow attackers to execute arbitrary code or cause denial of service. This ...
CVE-2023-31910 is a heap buffer overflow vulnerability in Jerryscript's parser component that could allow arbitrary code execution. This affects systems running vulnerable versions of Jerryscript, a l...
CVE-2022-22893 is a stack overflow vulnerability in Jerryscript 3.0.0's VM component that allows attackers to execute arbitrary code or cause denial of service. This affects any application or device ...
CVE-2022-22895 is a heap buffer overflow vulnerability in Jerryscript 3.0.0's string-to-number conversion function. This allows attackers to write beyond allocated memory boundaries, potentially leadi...
CVE-2022-22888 is a stack overflow vulnerability in Jerryscript 3.0.0's ecma_op_object_find_own function that allows attackers to execute arbitrary code or cause denial of service. This affects any ap...
This CVE describes a use-after-free vulnerability in JerryScript's lexer component that could allow memory corruption. Attackers could potentially execute arbitrary code or cause denial of service by ...
CVE-2020-23313 is a reachable assertion vulnerability in JerryScript's scanner_literal_is_created function that can cause denial of service through application crashes. This affects systems running Je...
CVE-2020-23319 is an assertion failure vulnerability in JerryScript's parser that could lead to denial of service or potentially arbitrary code execution. It affects systems running JerryScript 2.2.0,...
CVE-2021-26195 is a heap buffer overflow vulnerability in JerryScript's number parsing function that allows attackers to execute arbitrary code or cause denial of service. This affects applications us...
CVE-2020-23309 is a denial-of-service vulnerability in JerryScript's JavaScript parser where an assertion failure can be triggered by specially crafted JavaScript code, causing the interpreter to cras...
CVE-2020-23311 is an assertion failure vulnerability in JerryScript's JavaScript parser that can cause denial of service through application crashes. Attackers can trigger this by providing specially ...