Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/60201?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/60201?format=api", "purl": "pkg:conan/jerryscript@3.0.0", "type": "conan", "namespace": "", "name": "jerryscript", "version": "3.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42146?format=api", "vulnerability_id": "VCID-1dmn-erdq-43gv", "summary": "Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4890" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22894", "reference_id": "CVE-2022-22894", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22894" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22894" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dmn-erdq-43gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42114?format=api", "vulnerability_id": "VCID-1h9u-ym8m-jbav", "summary": "Reachable Assertion\nThere is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4938" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46347", "reference_id": "CVE-2021-46347", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46347" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46347" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1h9u-ym8m-jbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42109?format=api", "vulnerability_id": "VCID-27cg-rjmx-pqb4", "summary": "Reachable Assertion\nThere is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4941" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46348", "reference_id": "CVE-2021-46348", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46348" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46348" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27cg-rjmx-pqb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42104?format=api", "vulnerability_id": "VCID-2prq-dcy2-8khr", "summary": "Reachable Assertion\nThere is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p->stack_top_uint8 == SCAN_STACK_CATCH_STATEMENT' failed at /parser/js/js-scanner.c(scanner_scan_statement_end) in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4924" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46340", "reference_id": "CVE-2021-46340", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46340" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46340" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2prq-dcy2-8khr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42103?format=api", "vulnerability_id": "VCID-2xq3-mq8n-fkfc", "summary": "Reachable Assertion\nThere is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4921" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46343", "reference_id": "CVE-2021-46343", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46343" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46343" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2xq3-mq8n-fkfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42120?format=api", "vulnerability_id": "VCID-3y3s-cktx-a7fy", "summary": "Reachable Assertion\nThere is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4900" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46338", "reference_id": "CVE-2021-46338", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46338" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46338" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3s-cktx-a7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45397?format=api", "vulnerability_id": "VCID-55gv-vq2s-33g9", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5083" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34868", "reference_id": "CVE-2023-34868", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34868" } ], "fixed_packages": [], "aliases": [ "CVE-2023-34868" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55gv-vq2s-33g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42105?format=api", "vulnerability_id": "VCID-6z4b-cv6b-tqgy", "summary": "Reachable Assertion\nThere is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4935" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46339", "reference_id": "CVE-2021-46339", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46339" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46339" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6z4b-cv6b-tqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42150?format=api", "vulnerability_id": "VCID-75m8-ty1f-qbfy", "summary": "Reachable Assertion\nThere is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4872" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22892", "reference_id": "CVE-2022-22892", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22892" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22892" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75m8-ty1f-qbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42133?format=api", "vulnerability_id": "VCID-96gz-7p7d-kye6", "summary": "Out-of-bounds Write\nJerryscript was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4850" }, { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4882" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22895", "reference_id": "CVE-2022-22895", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22895" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22895" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-96gz-7p7d-kye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42174?format=api", "vulnerability_id": "VCID-9mgp-bp1a-a7d4", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThere is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4875" }, { "reference_url": "https://security.samsungmobile.com/securityUpdate.smsb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.samsungmobile.com/securityUpdate.smsb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44992", "reference_id": "CVE-2021-44992", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44992" } ], "fixed_packages": [], "aliases": [ "CVE-2021-44992" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9mgp-bp1a-a7d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42183?format=api", "vulnerability_id": "VCID-agbb-mdrb-j3du", "summary": "Out-of-bounds Write\nJerryscript v3.0.0 was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4890" }, { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4891" }, { "reference_url": "https://security.samsungmobile.com/securityUpdate.smsb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.samsungmobile.com/securityUpdate.smsb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44988", "reference_id": "CVE-2021-44988", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44988" } ], "fixed_packages": [], "aliases": [ "CVE-2021-44988" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agbb-mdrb-j3du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42182?format=api", "vulnerability_id": "VCID-bhk2-uvwq-qqa5", "summary": "Reachable Assertion\nThere is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4894" }, { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4895" }, { "reference_url": "https://security.samsungmobile.com/securityUpdate.smsb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.samsungmobile.com/securityUpdate.smsb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44994", "reference_id": "CVE-2021-44994", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44994" } ], "fixed_packages": [], "aliases": [ "CVE-2021-44994" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhk2-uvwq-qqa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42129?format=api", "vulnerability_id": "VCID-caxw-hx6n-dqed", "summary": "Out-of-bounds Read\nJerryscript was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4871" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22891", "reference_id": "CVE-2022-22891", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22891" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22891" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-caxw-hx6n-dqed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42108?format=api", "vulnerability_id": "VCID-cyff-fter-jyfe", "summary": "Reachable Assertion\nThere is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4940" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46351", "reference_id": "CVE-2021-46351", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46351" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46351" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyff-fter-jyfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42111?format=api", "vulnerability_id": "VCID-e6pp-ehvp-v3fs", "summary": "Reachable Assertion\nThere is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4847" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22890", "reference_id": "CVE-2022-22890", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22890" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22890" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6pp-ehvp-v3fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45174?format=api", "vulnerability_id": "VCID-eeup-qx6t-puh9", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5069", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5069" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31919", "reference_id": "CVE-2023-31919", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31919" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31919" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eeup-qx6t-puh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45173?format=api", "vulnerability_id": "VCID-enra-h154-hyhu", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5064" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31918", "reference_id": "CVE-2023-31918", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31918" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31918" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enra-h154-hyhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42121?format=api", "vulnerability_id": "VCID-h53g-vkxw-5fgy", "summary": "Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4848" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22888", "reference_id": "CVE-2022-22888", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22888" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22888" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h53g-vkxw-5fgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45152?format=api", "vulnerability_id": "VCID-m9wh-1w5u-p7a1", "summary": "Out-of-bounds Write\nJerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5073" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31907", "reference_id": "CVE-2023-31907", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31907" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31907" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m9wh-1w5u-p7a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42112?format=api", "vulnerability_id": "VCID-mscu-ujzn-cyfv", "summary": "Reachable Assertion\nThere is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4934" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46342", "reference_id": "CVE-2021-46342", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46342" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46342" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mscu-ujzn-cyfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45895?format=api", "vulnerability_id": "VCID-my7c-dmwn-ruck", "summary": "Out-of-bounds Write\nBuffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5092" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38961", "reference_id": "CVE-2023-38961", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38961" } ], "fixed_packages": [], "aliases": [ "CVE-2023-38961" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-my7c-dmwn-ruck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42107?format=api", "vulnerability_id": "VCID-nzxx-wpdu-53dv", "summary": "Reachable Assertion\nThere is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4930" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46337", "reference_id": "CVE-2021-46337", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46337" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46337" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nzxx-wpdu-53dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45167?format=api", "vulnerability_id": "VCID-pk9x-w83a-pbf7", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5062" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31916", "reference_id": "CVE-2023-31916", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31916" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31916" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pk9x-w83a-pbf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45176?format=api", "vulnerability_id": "VCID-pkt4-nu1n-77cg", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5070" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31920", "reference_id": "CVE-2023-31920", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31920" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31920" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pkt4-nu1n-77cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42116?format=api", "vulnerability_id": "VCID-pr6g-yv9y-byhf", "summary": "Reachable Assertion\nThere is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4936" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46350", "reference_id": "CVE-2021-46350", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46350" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46350" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pr6g-yv9y-byhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45146?format=api", "vulnerability_id": "VCID-u4va-nsrk-pkgr", "summary": "Out-of-bounds Write\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5076", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5076" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31910", "reference_id": "CVE-2023-31910", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31910" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31910" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4va-nsrk-pkgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45388?format=api", "vulnerability_id": "VCID-ucve-wqaq-5yd1", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5084" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34867", "reference_id": "CVE-2023-34867", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34867" } ], "fixed_packages": [], "aliases": [ "CVE-2023-34867" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucve-wqaq-5yd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42110?format=api", "vulnerability_id": "VCID-uefz-v5rg-8bgx", "summary": "Reachable Assertion\nThere is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4920" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46345", "reference_id": "CVE-2021-46345", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46345" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46345" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uefz-v5rg-8bgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42117?format=api", "vulnerability_id": "VCID-ueya-bx43-73hf", "summary": "Reachable Assertion\nThere is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4939" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46346", "reference_id": "CVE-2021-46346", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46346" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46346" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ueya-bx43-73hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42141?format=api", "vulnerability_id": "VCID-uye6-f6w4-wqb3", "summary": "Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4901" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22893", "reference_id": "CVE-2022-22893", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22893" } ], "fixed_packages": [], "aliases": [ "CVE-2022-22893" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uye6-f6w4-wqb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45180?format=api", "vulnerability_id": "VCID-uzvh-qmgc-juf7", "summary": "Memory Allocation with Excessive Size Value\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5071", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5071" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31914", "reference_id": "CVE-2023-31914", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31914" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31914" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzvh-qmgc-juf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42181?format=api", "vulnerability_id": "VCID-wjwq-qn34-1qd2", "summary": "Reachable Assertion\nThere is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4876" }, { "reference_url": "https://security.samsungmobile.com/securityUpdate.smsb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.samsungmobile.com/securityUpdate.smsb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44993", "reference_id": "CVE-2021-44993", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44993" } ], "fixed_packages": [], "aliases": [ "CVE-2021-44993" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjwq-qn34-1qd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42106?format=api", "vulnerability_id": "VCID-xv39-kbyz-7feu", "summary": "Reachable Assertion\nThere is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4927" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46336", "reference_id": "CVE-2021-46336", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46336" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46336" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xv39-kbyz-7feu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45166?format=api", "vulnerability_id": "VCID-y6qb-5zby-a3cp", "summary": "Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5068" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31921", "reference_id": "CVE-2023-31921", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31921" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31921" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6qb-5zby-a3cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45163?format=api", "vulnerability_id": "VCID-ycvt-ak76-duge", "summary": "Reachable Assertion\nJerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5061" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31913", "reference_id": "CVE-2023-31913", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31913" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ycvt-ak76-duge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42113?format=api", "vulnerability_id": "VCID-zbqb-uwgx-nffg", "summary": "Reachable Assertion\nThere is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4928" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46344", "reference_id": "CVE-2021-46344", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46344" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46344" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbqb-uwgx-nffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42115?format=api", "vulnerability_id": "VCID-ze5f-j4ny-8ueh", "summary": "Reachable Assertion\nThere is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/4937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/4937" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46349", "reference_id": "CVE-2021-46349", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46349" } ], "fixed_packages": [], "aliases": [ "CVE-2021-46349" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ze5f-j4ny-8ueh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45156?format=api", "vulnerability_id": "VCID-zm48-kdxj-mub9", "summary": "Out-of-bounds Write\nJerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.", "references": [ { "reference_url": "https://github.com/jerryscript-project/jerryscript/issues/5066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jerryscript-project/jerryscript/issues/5066" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31906", "reference_id": "CVE-2023-31906", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31906" } ], "fixed_packages": [], "aliases": [ "CVE-2023-31906" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zm48-kdxj-mub9" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/jerryscript@3.0.0" }