Jerryscript CVE - Yack CVE

Filtered by vendor Jerryscript

Total 98 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-29489	1 Jerryscript	1 Jerryscript	2025-09-22	N/A	5.5 MEDIUM
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type.
CVE-2024-33255	1 Jerryscript	1 Jerryscript	2025-09-22	N/A	6.2 MEDIUM
Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p) in ecma_free_string_list.
CVE-2024-33258	1 Jerryscript	1 Jerryscript	2025-09-22	N/A	7.1 HIGH
Jerryscript commit ff9ff8f was discovered to contain a segmentation violation via the component vm_loop at jerry-core/vm/vm.c.
CVE-2024-33259	1 Jerryscript	1 Jerryscript	2025-09-22	N/A	5.5 MEDIUM
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scanner_seek at jerry-core/parser/js/js-scanner-util.c.
CVE-2024-33260	1 Jerryscript	1 Jerryscript	2025-09-22	N/A	5.1 MEDIUM
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c
CVE-2017-9250	1 Jerryscript	1 Jerryscript	2025-04-20	5.0 MEDIUM	7.5 HIGH
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function.
CVE-2017-14749	1 Jerryscript	1 Jerryscript	2025-04-20	6.8 MEDIUM	7.8 HIGH
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data.
CVE-2023-30410	1 Jerryscript	1 Jerryscript	2025-02-05	N/A	5.5 MEDIUM
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
CVE-2023-30408	1 Jerryscript	1 Jerryscript	2025-02-05	N/A	5.5 MEDIUM
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.
CVE-2023-30406	1 Jerryscript	1 Jerryscript	2025-02-05	N/A	5.5 MEDIUM
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.
CVE-2023-30414	1 Jerryscript	1 Jerryscript	2025-02-04	N/A	5.5 MEDIUM
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
CVE-2023-31910	1 Jerryscript	1 Jerryscript	2025-01-28	N/A	7.8 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
CVE-2023-31908	1 Jerryscript	1 Jerryscript	2025-01-28	N/A	7.8 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
CVE-2023-31907	1 Jerryscript	1 Jerryscript	2025-01-27	N/A	7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
CVE-2023-31906	1 Jerryscript	1 Jerryscript	2025-01-27	N/A	7.8 HIGH
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.
CVE-2023-31919	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.
CVE-2023-31918	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.
CVE-2023-31914	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
CVE-2023-31913	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
CVE-2023-31916	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.
CVE-2023-31921	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.
CVE-2023-31920	1 Jerryscript	1 Jerryscript	2025-01-24	N/A	5.5 MEDIUM
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.
CVE-2023-34867	1 Jerryscript	1 Jerryscript	2025-01-03	N/A	7.5 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
CVE-2023-34868	1 Jerryscript	1 Jerryscript	2025-01-02	N/A	7.5 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
CVE-2023-38961	1 Jerryscript	1 Jerryscript	2024-11-21	N/A	9.8 CRITICAL
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.
CVE-2023-36201	1 Jerryscript	1 Jerryscript	2024-11-21	N/A	7.5 HIGH
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays.
CVE-2023-36109	1 Jerryscript	1 Jerryscript	2024-11-21	N/A	9.8 CRITICAL
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
CVE-2022-32117	1 Jerryscript	1 Jerryscript	2024-11-21	N/A	7.8 HIGH
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
CVE-2022-22901	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.
CVE-2022-22895	1 Jerryscript	1 Jerryscript	2024-11-21	6.8 MEDIUM	7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.
CVE-2022-22894	1 Jerryscript	1 Jerryscript	2024-11-21	6.8 MEDIUM	7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
CVE-2022-22893	1 Jerryscript	1 Jerryscript	2024-11-21	6.8 MEDIUM	7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
CVE-2022-22892	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion 'ecma_is_value_undefined (value) \|\| ecma_is_value_null (value) \|\| ecma_is_value_boolean (value) \|\| ecma_is_value_number (value) \|\| ecma_is_value_string (value) \|\| ecma_is_value_bigint (value) \|\| ecma_is_value_symbol (value) \|\| ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0.
CVE-2022-22891	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
CVE-2022-22890	1 Jerryscript	1 Jerryscript	2024-11-21	5.0 MEDIUM	5.5 MEDIUM
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0.
CVE-2022-22888	1 Jerryscript	1 Jerryscript	2024-11-21	6.8 MEDIUM	7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
CVE-2021-46351	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript 3.0.0.
CVE-2021-46350	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript 3.0.0.
CVE-2021-46349	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL \|\| type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0.
CVE-2021-46348	1 Jerryscript	1 Jerryscript	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0.

Vulnerabilities (CVE)