Jerryscript CVEs and Security Vulnerabilities

Filtered by vendor Jerryscript Subscriptions

Search

Switch to Advanced Search (Beta)

Total 98 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-29489	1 Jerryscript	1 Jerryscript	2025-09-22	5.5 Medium
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type.
CVE-2024-33255	1 Jerryscript	1 Jerryscript	2025-09-22	6.2 Medium
Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p) in ecma_free_string_list.
CVE-2024-33258	1 Jerryscript	1 Jerryscript	2025-09-22	7.1 High
Jerryscript commit ff9ff8f was discovered to contain a segmentation violation via the component vm_loop at jerry-core/vm/vm.c.
CVE-2024-33259	1 Jerryscript	1 Jerryscript	2025-09-22	5.5 Medium
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scanner_seek at jerry-core/parser/js/js-scanner-util.c.
CVE-2024-33260	1 Jerryscript	1 Jerryscript	2025-09-22	5.1 Medium
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c
CVE-2017-9250	1 Jerryscript	1 Jerryscript	2025-04-20	7.5 High
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function.
CVE-2017-14749	1 Jerryscript	1 Jerryscript	2025-04-20	N/A
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data.
CVE-2023-30410	1 Jerryscript	1 Jerryscript	2025-02-05	5.5 Medium
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
CVE-2023-30408	1 Jerryscript	1 Jerryscript	2025-02-05	5.5 Medium
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.
CVE-2023-30406	1 Jerryscript	1 Jerryscript	2025-02-05	5.5 Medium
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c.
CVE-2023-30414	1 Jerryscript	1 Jerryscript	2025-02-04	5.5 Medium
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
CVE-2023-31910	1 Jerryscript	1 Jerryscript	2025-01-28	7.8 High
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
CVE-2023-31908	1 Jerryscript	1 Jerryscript	2025-01-28	7.8 High
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
CVE-2023-31907	1 Jerryscript	1 Jerryscript	2025-01-27	7.8 High
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
CVE-2023-31906	1 Jerryscript	1 Jerryscript	2025-01-27	7.8 High
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.
CVE-2023-31919	1 Jerryscript	1 Jerryscript	2025-01-24	5.5 Medium
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.
CVE-2023-31918	1 Jerryscript	1 Jerryscript	2025-01-24	5.5 Medium
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.
CVE-2023-31914	1 Jerryscript	1 Jerryscript	2025-01-24	5.5 Medium
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
CVE-2023-31913	1 Jerryscript	1 Jerryscript	2025-01-24	5.5 Medium
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
CVE-2023-31916	1 Jerryscript	1 Jerryscript	2025-01-24	5.5 Medium
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.

Page 1 of 5. next last »