Product
jerryscript
98 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-33260
CVE-2024-33259
CVE-2024-33258
CVE-2024-33255
CVE-2024-29489
CVE-2023-36109
CVE-2023-38961
CVE-2020-24187
CVE-2023-36201
CVE-2020-22597
CVE-2023-34868
CVE-2023-34867
CVE-2023-31921
CVE-2023-31920
CVE-2023-31919
CVE-2023-31918
CVE-2023-31916
CVE-2023-31914
CVE-2023-31913
CVE-2023-31910
CVE-2023-31908
CVE-2023-31907
CVE-2023-31906
CVE-2023-30414
CVE-2023-30410
CVE-2023-30408
CVE-2023-30406
CVE-2022-32117
CVE-2021-41683
CVE-2021-41682
CVE-2021-42863
CVE-2021-41959
CVE-2021-43453
CVE-2021-41752
CVE-2021-41751
CVE-2022-22901
CVE-2021-44994
CVE-2021-44993
CVE-2021-44992
CVE-2021-44988
CVE-2022-22895
CVE-2022-22894
CVE-2022-22893
CVE-2022-22892
CVE-2022-22891
CVE-2022-22890
CVE-2022-22888
CVE-2021-46351
CVE-2021-46350
CVE-2021-46349
CVE-2021-46348
CVE-2021-46347
CVE-2021-46346
CVE-2021-46345
CVE-2021-46344
CVE-2021-46343
CVE-2021-46342
CVE-2021-46340
CVE-2021-46339
CVE-2021-46338
CVE-2021-46337
CVE-2021-46336
CVE-2021-46170
CVE-2021-26199
CVE-2021-26198
CVE-2021-26197
CVE-2021-26195
CVE-2021-26194
CVE-2020-23323
CVE-2020-23322
CVE-2020-23321
CVE-2020-23320
CVE-2020-23319
CVE-2020-23314
CVE-2020-23313
CVE-2020-23312
CVE-2020-23311
CVE-2020-23310
CVE-2020-23309
CVE-2020-23308
CVE-2020-23306
CVE-2020-23303
CVE-2020-23302
CVE-2020-29657
CVE-2020-13991
CVE-2020-24345
CVE-2020-24344
CVE-2020-14163
CVE-2020-13649
CVE-2020-13623
CVE-2020-13622
CVE-2019-1010176
CVE-2018-1000636
CVE-2018-11419
CVE-2018-11418
CVE-2017-18212
CVE-2017-14749
CVE-2017-9250
all versions
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parser_parse_class at jerry-core/p
all versions
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scanner_seek at jerry-core/parser/
all versions
Jerryscript commit ff9ff8f was discovered to contain a segmentation violation via the component vm_loop at jerry-core/vm/vm.c.
all versions
Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p) in ecma_
< 3.0.0
Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type.
all versions
Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder
all versions
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via th
all versions
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS)
all versions
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the
all versions
An issue in Jerrscript-project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecma_builtin_array_p
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/o
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jco
all versions
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-c
all versions
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
all versions
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statemen
all versions
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_protot
all versions
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/par
all versions
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_c
all versions
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
all versions
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/
all versions
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.
all versions
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/
all versions
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/pr
all versions
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
all versions
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0
< 2021-10-15
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a f
all versions
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regex
<= 2.4.0
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_pars
< 2021-10-20
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbou
< 2021-10-20
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in
all versions
There is an Assertion in 'context_p-next_scanner_info_p-type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments i
all versions
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.
all versions
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerrysc
all versions
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerr
all versions
Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.
all versions
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/bas
all versions
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
all versions
Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
all versions
There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_v
all versions
Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
all versions
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed a
all versions
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
all versions
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/
all versions
There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScrip
all versions
There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/e
all versions
There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in Jerr
all versions
There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in Jer
all versions
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/
all versions
There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript 3.0.0.
all versions
There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.
all versions
There is an Assertion 'context_p-token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.
all versions
There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/ba
all versions
There is an Assertion 'context_p-stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p-stack_top_uint8 == SCAN_STACK_CATCH_STAT
all versions
There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_stri
all versions
There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScrip
all versions
There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0.
all versions
There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in
all versions
An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexe
all versions
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
all versions
An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.
all versions
An issue was discovered in JerryScript 2.4.0. There is a SEGV in main_print_unhandled_exception in main-utils.c file.
all versions
An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file.
all versions
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c
all versions
There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.
all versions
There is an Assertion in 'context_p-token.type == LEXER_RIGHT_BRACE || context_p-token.type == LEXER_ASSIGN || context_p-token.typ
all versions
There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_unit_from_utf8 in JerryScript 2.2.0.
all versions
There is an Assertion in 'context_p-next_scanner_info_p-type == SCANNER_TYPE_FUNCTION' in parser_parse_function_arguments in Jerry
all versions
There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_ADJUST_BASE - (flags >> CBC_STA
all versions
There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end in JerryScript 2.2.0.
all versions
There is an Assertion 'scope_stack_p > context_p-scope_stack_p' failed at js-scanner-util.c:2510 in scanner_literal_is_created in
all versions
There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in Jer
all versions
There is an Assertion 'context_p-token.type == LEXER_RIGHT_BRACE || context_p-token.type == LEXER_ASSIGN || context_p-token.type =
all versions
There is an Assertion 'context_p-next_scanner_info_p-type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_pars
all versions
There is an Assertion 'context_p-stack_depth == context_p-context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_st
all versions
There is an Assertion 'context_p-stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in
all versions
There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0.
all versions
There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.
all versions
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
all versions
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
all versions
vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.
<= 2.3.0
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor state
<= 2.3.0
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
all versions
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not c
all versions
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanne
all versions
JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
all versions
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy objec
< 2.0
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and
all versions
JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726c8b3793. Analysing history it seems that the issue has been
all versions
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via
all versions
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function vi
all versions
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in
all versions
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or po
all versions
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for