Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:conan/jerryscript@3.0.0
Typeconan
Namespace
Namejerryscript
Version3.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1dmn-erdq-43gv
vulnerability_id VCID-1dmn-erdq-43gv
summary 
Out-of-bounds Write
Jerryscript was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4890
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4890
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22894
reference_id CVE-2022-22894
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22894
fixed_packages
aliases CVE-2022-22894
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dmn-erdq-43gv
1
url VCID-1h9u-ym8m-jbav
vulnerability_id VCID-1h9u-ym8m-jbav
summary 
Reachable Assertion
There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4938
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4938
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46347
reference_id CVE-2021-46347
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46347
fixed_packages
aliases CVE-2021-46347
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h9u-ym8m-jbav
2
url VCID-27cg-rjmx-pqb4
vulnerability_id VCID-27cg-rjmx-pqb4
summary 
Reachable Assertion
There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4941
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4941
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46348
reference_id CVE-2021-46348
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46348
fixed_packages
aliases CVE-2021-46348
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27cg-rjmx-pqb4
3
url VCID-2prq-dcy2-8khr
vulnerability_id VCID-2prq-dcy2-8khr
summary 
Reachable Assertion
There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p->stack_top_uint8 == SCAN_STACK_CATCH_STATEMENT' failed at /parser/js/js-scanner.c(scanner_scan_statement_end) in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4924
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4924
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46340
reference_id CVE-2021-46340
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46340
fixed_packages
aliases CVE-2021-46340
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2prq-dcy2-8khr
4
url VCID-2xq3-mq8n-fkfc
vulnerability_id VCID-2xq3-mq8n-fkfc
summary 
Reachable Assertion
There is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4921
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4921
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46343
reference_id CVE-2021-46343
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46343
fixed_packages
aliases CVE-2021-46343
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xq3-mq8n-fkfc
5
url VCID-3y3s-cktx-a7fy
vulnerability_id VCID-3y3s-cktx-a7fy
summary 
Reachable Assertion
There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4900
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4900
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46338
reference_id CVE-2021-46338
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46338
fixed_packages
aliases CVE-2021-46338
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3s-cktx-a7fy
6
url VCID-55gv-vq2s-33g9
vulnerability_id VCID-55gv-vq2s-33g9
summary 
Reachable Assertion
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5083
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5083
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-34868
reference_id CVE-2023-34868
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-34868
fixed_packages
aliases CVE-2023-34868
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55gv-vq2s-33g9
7
url VCID-6z4b-cv6b-tqgy
vulnerability_id VCID-6z4b-cv6b-tqgy
summary 
Reachable Assertion
There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4935
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4935
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46339
reference_id CVE-2021-46339
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46339
fixed_packages
aliases CVE-2021-46339
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z4b-cv6b-tqgy
8
url VCID-75m8-ty1f-qbfy
vulnerability_id VCID-75m8-ty1f-qbfy
summary 
Reachable Assertion
There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4872
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4872
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22892
reference_id CVE-2022-22892
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22892
fixed_packages
aliases CVE-2022-22892
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75m8-ty1f-qbfy
9
url VCID-96gz-7p7d-kye6
vulnerability_id VCID-96gz-7p7d-kye6
summary 
Out-of-bounds Write
Jerryscript was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4850
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4850
1
reference_url https://github.com/jerryscript-project/jerryscript/issues/4882
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4882
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22895
reference_id CVE-2022-22895
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22895
fixed_packages
aliases CVE-2022-22895
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96gz-7p7d-kye6
10
url VCID-9mgp-bp1a-a7d4
vulnerability_id VCID-9mgp-bp1a-a7d4
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4875
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4875
1
reference_url https://security.samsungmobile.com/securityUpdate.smsb
reference_id
reference_type
scores
url https://security.samsungmobile.com/securityUpdate.smsb
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44992
reference_id CVE-2021-44992
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44992
fixed_packages
aliases CVE-2021-44992
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mgp-bp1a-a7d4
11
url VCID-agbb-mdrb-j3du
vulnerability_id VCID-agbb-mdrb-j3du
summary 
Out-of-bounds Write
Jerryscript v3.0.0 was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4890
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4890
1
reference_url https://github.com/jerryscript-project/jerryscript/issues/4891
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4891
2
reference_url https://security.samsungmobile.com/securityUpdate.smsb
reference_id
reference_type
scores
url https://security.samsungmobile.com/securityUpdate.smsb
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44988
reference_id CVE-2021-44988
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44988
fixed_packages
aliases CVE-2021-44988
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-agbb-mdrb-j3du
12
url VCID-bhk2-uvwq-qqa5
vulnerability_id VCID-bhk2-uvwq-qqa5
summary 
Reachable Assertion
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4894
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4894
1
reference_url https://github.com/jerryscript-project/jerryscript/issues/4895
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4895
2
reference_url https://security.samsungmobile.com/securityUpdate.smsb
reference_id
reference_type
scores
url https://security.samsungmobile.com/securityUpdate.smsb
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44994
reference_id CVE-2021-44994
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44994
fixed_packages
aliases CVE-2021-44994
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bhk2-uvwq-qqa5
13
url VCID-caxw-hx6n-dqed
vulnerability_id VCID-caxw-hx6n-dqed
summary 
Out-of-bounds Read
Jerryscript was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4871
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4871
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22891
reference_id CVE-2022-22891
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22891
fixed_packages
aliases CVE-2022-22891
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-caxw-hx6n-dqed
14
url VCID-cyff-fter-jyfe
vulnerability_id VCID-cyff-fter-jyfe
summary 
Reachable Assertion
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4940
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4940
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46351
reference_id CVE-2021-46351
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46351
fixed_packages
aliases CVE-2021-46351
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyff-fter-jyfe
15
url VCID-e6pp-ehvp-v3fs
vulnerability_id VCID-e6pp-ehvp-v3fs
summary 
Reachable Assertion
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4847
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4847
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22890
reference_id CVE-2022-22890
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22890
fixed_packages
aliases CVE-2022-22890
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6pp-ehvp-v3fs
16
url VCID-eeup-qx6t-puh9
vulnerability_id VCID-eeup-qx6t-puh9
summary 
Reachable Assertion
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5069
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5069
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31919
reference_id CVE-2023-31919
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31919
fixed_packages
aliases CVE-2023-31919
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eeup-qx6t-puh9
17
url VCID-enra-h154-hyhu
vulnerability_id VCID-enra-h154-hyhu
summary 
Reachable Assertion
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5064
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5064
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31918
reference_id CVE-2023-31918
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31918
fixed_packages
aliases CVE-2023-31918
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enra-h154-hyhu
18
url VCID-h53g-vkxw-5fgy
vulnerability_id VCID-h53g-vkxw-5fgy
summary 
Out-of-bounds Write
Jerryscript was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4848
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4848
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22888
reference_id CVE-2022-22888
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22888
fixed_packages
aliases CVE-2022-22888
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h53g-vkxw-5fgy
19
url VCID-m9wh-1w5u-p7a1
vulnerability_id VCID-m9wh-1w5u-p7a1
summary 
Out-of-bounds Write
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5073
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5073
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31907
reference_id CVE-2023-31907
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31907
fixed_packages
aliases CVE-2023-31907
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9wh-1w5u-p7a1
20
url VCID-mscu-ujzn-cyfv
vulnerability_id VCID-mscu-ujzn-cyfv
summary 
Reachable Assertion
There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4934
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4934
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46342
reference_id CVE-2021-46342
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46342
fixed_packages
aliases CVE-2021-46342
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mscu-ujzn-cyfv
21
url VCID-my7c-dmwn-ruck
vulnerability_id VCID-my7c-dmwn-ruck
summary 
Out-of-bounds Write
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5092
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5092
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38961
reference_id CVE-2023-38961
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38961
fixed_packages
aliases CVE-2023-38961
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-my7c-dmwn-ruck
22
url VCID-nzxx-wpdu-53dv
vulnerability_id VCID-nzxx-wpdu-53dv
summary 
Reachable Assertion
There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4930
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4930
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46337
reference_id CVE-2021-46337
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46337
fixed_packages
aliases CVE-2021-46337
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzxx-wpdu-53dv
23
url VCID-pk9x-w83a-pbf7
vulnerability_id VCID-pk9x-w83a-pbf7
summary 
Reachable Assertion
Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5062
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5062
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31916
reference_id CVE-2023-31916
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31916
fixed_packages
aliases CVE-2023-31916
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pk9x-w83a-pbf7
24
url VCID-pkt4-nu1n-77cg
vulnerability_id VCID-pkt4-nu1n-77cg
summary 
Reachable Assertion
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5070
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5070
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31920
reference_id CVE-2023-31920
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31920
fixed_packages
aliases CVE-2023-31920
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkt4-nu1n-77cg
25
url VCID-pr6g-yv9y-byhf
vulnerability_id VCID-pr6g-yv9y-byhf
summary 
Reachable Assertion
There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4936
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4936
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46350
reference_id CVE-2021-46350
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46350
fixed_packages
aliases CVE-2021-46350
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pr6g-yv9y-byhf
26
url VCID-u4va-nsrk-pkgr
vulnerability_id VCID-u4va-nsrk-pkgr
summary 
Out-of-bounds Write
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5076
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5076
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31910
reference_id CVE-2023-31910
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31910
fixed_packages
aliases CVE-2023-31910
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4va-nsrk-pkgr
27
url VCID-ucve-wqaq-5yd1
vulnerability_id VCID-ucve-wqaq-5yd1
summary 
Reachable Assertion
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5084
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5084
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-34867
reference_id CVE-2023-34867
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-34867
fixed_packages
aliases CVE-2023-34867
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ucve-wqaq-5yd1
28
url VCID-uefz-v5rg-8bgx
vulnerability_id VCID-uefz-v5rg-8bgx
summary 
Reachable Assertion
There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4920
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4920
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46345
reference_id CVE-2021-46345
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46345
fixed_packages
aliases CVE-2021-46345
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uefz-v5rg-8bgx
29
url VCID-ueya-bx43-73hf
vulnerability_id VCID-ueya-bx43-73hf
summary 
Reachable Assertion
There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4939
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4939
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46346
reference_id CVE-2021-46346
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46346
fixed_packages
aliases CVE-2021-46346
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueya-bx43-73hf
30
url VCID-uye6-f6w4-wqb3
vulnerability_id VCID-uye6-f6w4-wqb3
summary 
Out-of-bounds Write
Jerryscript was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4901
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4901
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22893
reference_id CVE-2022-22893
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-22893
fixed_packages
aliases CVE-2022-22893
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uye6-f6w4-wqb3
31
url VCID-uzvh-qmgc-juf7
vulnerability_id VCID-uzvh-qmgc-juf7
summary 
Memory Allocation with Excessive Size Value
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5071
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5071
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31914
reference_id CVE-2023-31914
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31914
fixed_packages
aliases CVE-2023-31914
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uzvh-qmgc-juf7
32
url VCID-wjwq-qn34-1qd2
vulnerability_id VCID-wjwq-qn34-1qd2
summary 
Reachable Assertion
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4876
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4876
1
reference_url https://security.samsungmobile.com/securityUpdate.smsb
reference_id
reference_type
scores
url https://security.samsungmobile.com/securityUpdate.smsb
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44993
reference_id CVE-2021-44993
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44993
fixed_packages
aliases CVE-2021-44993
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wjwq-qn34-1qd2
33
url VCID-xv39-kbyz-7feu
vulnerability_id VCID-xv39-kbyz-7feu
summary 
Reachable Assertion
There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4927
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4927
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46336
reference_id CVE-2021-46336
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46336
fixed_packages
aliases CVE-2021-46336
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xv39-kbyz-7feu
34
url VCID-y6qb-5zby-a3cp
vulnerability_id VCID-y6qb-5zby-a3cp
summary 
Reachable Assertion
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5068
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5068
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31921
reference_id CVE-2023-31921
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31921
fixed_packages
aliases CVE-2023-31921
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6qb-5zby-a3cp
35
url VCID-ycvt-ak76-duge
vulnerability_id VCID-ycvt-ak76-duge
summary 
Reachable Assertion
Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5061
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5061
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31913
reference_id CVE-2023-31913
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31913
fixed_packages
aliases CVE-2023-31913
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycvt-ak76-duge
36
url VCID-zbqb-uwgx-nffg
vulnerability_id VCID-zbqb-uwgx-nffg
summary 
Reachable Assertion
There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4928
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4928
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46344
reference_id CVE-2021-46344
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46344
fixed_packages
aliases CVE-2021-46344
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbqb-uwgx-nffg
37
url VCID-ze5f-j4ny-8ueh
vulnerability_id VCID-ze5f-j4ny-8ueh
summary 
Reachable Assertion
There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/4937
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/4937
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46349
reference_id CVE-2021-46349
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-46349
fixed_packages
aliases CVE-2021-46349
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ze5f-j4ny-8ueh
38
url VCID-zm48-kdxj-mub9
vulnerability_id VCID-zm48-kdxj-mub9
summary 
Out-of-bounds Write
Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.
references
0
reference_url https://github.com/jerryscript-project/jerryscript/issues/5066
reference_id
reference_type
scores
url https://github.com/jerryscript-project/jerryscript/issues/5066
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31906
reference_id CVE-2023-31906
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-31906
fixed_packages
aliases CVE-2023-31906
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zm48-kdxj-mub9
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:conan/jerryscript@3.0.0