{"url":"http://public2.vulnerablecode.io/api/packages/60201?format=json","purl":"pkg:conan/jerryscript@3.0.0","type":"conan","namespace":"","name":"jerryscript","version":"3.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42146?format=json","vulnerability_id":"VCID-1dmn-erdq-43gv","summary":"Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4890","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4890"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22894","reference_id":"CVE-2022-22894","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22894"}],"fixed_packages":[],"aliases":["CVE-2022-22894"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1dmn-erdq-43gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42114?format=json","vulnerability_id":"VCID-1h9u-ym8m-jbav","summary":"Reachable Assertion\nThere is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4938","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4938"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46347","reference_id":"CVE-2021-46347","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46347"}],"fixed_packages":[],"aliases":["CVE-2021-46347"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1h9u-ym8m-jbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42109?format=json","vulnerability_id":"VCID-27cg-rjmx-pqb4","summary":"Reachable Assertion\nThere is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4941","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4941"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46348","reference_id":"CVE-2021-46348","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46348"}],"fixed_packages":[],"aliases":["CVE-2021-46348"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27cg-rjmx-pqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42104?format=json","vulnerability_id":"VCID-2prq-dcy2-8khr","summary":"Reachable Assertion\nThere is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p->stack_top_uint8 == SCAN_STACK_CATCH_STATEMENT' failed at /parser/js/js-scanner.c(scanner_scan_statement_end) in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4924","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4924"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46340","reference_id":"CVE-2021-46340","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46340"}],"fixed_packages":[],"aliases":["CVE-2021-46340"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2prq-dcy2-8khr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42103?format=json","vulnerability_id":"VCID-2xq3-mq8n-fkfc","summary":"Reachable Assertion\nThere is an Assertion 'context_p->token.type == LEXER_LITERAL' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4921","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4921"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46343","reference_id":"CVE-2021-46343","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46343"}],"fixed_packages":[],"aliases":["CVE-2021-46343"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xq3-mq8n-fkfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42120?format=json","vulnerability_id":"VCID-3y3s-cktx-a7fy","summary":"Reachable Assertion\nThere is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4900","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4900"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46338","reference_id":"CVE-2021-46338","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46338"}],"fixed_packages":[],"aliases":["CVE-2021-46338"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3s-cktx-a7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45397?format=json","vulnerability_id":"VCID-55gv-vq2s-33g9","summary":"Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5083","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5083"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34868","reference_id":"CVE-2023-34868","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34868"}],"fixed_packages":[],"aliases":["CVE-2023-34868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55gv-vq2s-33g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42105?format=json","vulnerability_id":"VCID-6z4b-cv6b-tqgy","summary":"Reachable Assertion\nThere is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4935","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4935"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46339","reference_id":"CVE-2021-46339","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46339"}],"fixed_packages":[],"aliases":["CVE-2021-46339"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6z4b-cv6b-tqgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42150?format=json","vulnerability_id":"VCID-75m8-ty1f-qbfy","summary":"Reachable Assertion\nThere is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4872","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4872"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22892","reference_id":"CVE-2022-22892","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22892"}],"fixed_packages":[],"aliases":["CVE-2022-22892"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75m8-ty1f-qbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42133?format=json","vulnerability_id":"VCID-96gz-7p7d-kye6","summary":"Out-of-bounds Write\nJerryscript was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4850","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4850"},{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4882","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4882"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22895","reference_id":"CVE-2022-22895","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22895"}],"fixed_packages":[],"aliases":["CVE-2022-22895"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-96gz-7p7d-kye6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42174?format=json","vulnerability_id":"VCID-9mgp-bp1a-a7d4","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThere is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4875","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4875"},{"reference_url":"https://security.samsungmobile.com/securityUpdate.smsb","reference_id":"","reference_type":"","scores":[],"url":"https://security.samsungmobile.com/securityUpdate.smsb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44992","reference_id":"CVE-2021-44992","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44992"}],"fixed_packages":[],"aliases":["CVE-2021-44992"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mgp-bp1a-a7d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42183?format=json","vulnerability_id":"VCID-agbb-mdrb-j3du","summary":"Out-of-bounds Write\nJerryscript v3.0.0 was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4890","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4890"},{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4891","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4891"},{"reference_url":"https://security.samsungmobile.com/securityUpdate.smsb","reference_id":"","reference_type":"","scores":[],"url":"https://security.samsungmobile.com/securityUpdate.smsb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44988","reference_id":"CVE-2021-44988","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44988"}],"fixed_packages":[],"aliases":["CVE-2021-44988"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-agbb-mdrb-j3du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42182?format=json","vulnerability_id":"VCID-bhk2-uvwq-qqa5","summary":"Reachable Assertion\nThere is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4894","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4894"},{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4895","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4895"},{"reference_url":"https://security.samsungmobile.com/securityUpdate.smsb","reference_id":"","reference_type":"","scores":[],"url":"https://security.samsungmobile.com/securityUpdate.smsb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44994","reference_id":"CVE-2021-44994","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44994"}],"fixed_packages":[],"aliases":["CVE-2021-44994"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhk2-uvwq-qqa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42129?format=json","vulnerability_id":"VCID-caxw-hx6n-dqed","summary":"Out-of-bounds Read\nJerryscript was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4871","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4871"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22891","reference_id":"CVE-2022-22891","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22891"}],"fixed_packages":[],"aliases":["CVE-2022-22891"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-caxw-hx6n-dqed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42108?format=json","vulnerability_id":"VCID-cyff-fter-jyfe","summary":"Reachable Assertion\nThere is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4940","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4940"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46351","reference_id":"CVE-2021-46351","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46351"}],"fixed_packages":[],"aliases":["CVE-2021-46351"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyff-fter-jyfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42111?format=json","vulnerability_id":"VCID-e6pp-ehvp-v3fs","summary":"Reachable Assertion\nThere is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4847","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22890","reference_id":"CVE-2022-22890","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22890"}],"fixed_packages":[],"aliases":["CVE-2022-22890"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6pp-ehvp-v3fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45174?format=json","vulnerability_id":"VCID-eeup-qx6t-puh9","summary":"Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5069","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5069"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31919","reference_id":"CVE-2023-31919","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31919"}],"fixed_packages":[],"aliases":["CVE-2023-31919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eeup-qx6t-puh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45173?format=json","vulnerability_id":"VCID-enra-h154-hyhu","summary":"Reachable Assertion\nJerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5064","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5064"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31918","reference_id":"CVE-2023-31918","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31918"}],"fixed_packages":[],"aliases":["CVE-2023-31918"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enra-h154-hyhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42121?format=json","vulnerability_id":"VCID-h53g-vkxw-5fgy","summary":"Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4848","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4848"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22888","reference_id":"CVE-2022-22888","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22888"}],"fixed_packages":[],"aliases":["CVE-2022-22888"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h53g-vkxw-5fgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45152?format=json","vulnerability_id":"VCID-m9wh-1w5u-p7a1","summary":"Out-of-bounds Write\nJerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5073","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5073"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31907","reference_id":"CVE-2023-31907","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31907"}],"fixed_packages":[],"aliases":["CVE-2023-31907"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m9wh-1w5u-p7a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42112?format=json","vulnerability_id":"VCID-mscu-ujzn-cyfv","summary":"Reachable Assertion\nThere is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4934","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4934"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46342","reference_id":"CVE-2021-46342","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46342"}],"fixed_packages":[],"aliases":["CVE-2021-46342"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mscu-ujzn-cyfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45895?format=json","vulnerability_id":"VCID-my7c-dmwn-ruck","summary":"Out-of-bounds Write\nBuffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5092","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5092"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38961","reference_id":"CVE-2023-38961","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38961"}],"fixed_packages":[],"aliases":["CVE-2023-38961"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-my7c-dmwn-ruck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42107?format=json","vulnerability_id":"VCID-nzxx-wpdu-53dv","summary":"Reachable Assertion\nThere is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4930","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4930"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46337","reference_id":"CVE-2021-46337","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46337"}],"fixed_packages":[],"aliases":["CVE-2021-46337"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzxx-wpdu-53dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45167?format=json","vulnerability_id":"VCID-pk9x-w83a-pbf7","summary":"Reachable Assertion\nJerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5062","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5062"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31916","reference_id":"CVE-2023-31916","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31916"}],"fixed_packages":[],"aliases":["CVE-2023-31916"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pk9x-w83a-pbf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45176?format=json","vulnerability_id":"VCID-pkt4-nu1n-77cg","summary":"Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5070","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5070"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31920","reference_id":"CVE-2023-31920","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31920"}],"fixed_packages":[],"aliases":["CVE-2023-31920"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pkt4-nu1n-77cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42116?format=json","vulnerability_id":"VCID-pr6g-yv9y-byhf","summary":"Reachable Assertion\nThere is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4936","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4936"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46350","reference_id":"CVE-2021-46350","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46350"}],"fixed_packages":[],"aliases":["CVE-2021-46350"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pr6g-yv9y-byhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45146?format=json","vulnerability_id":"VCID-u4va-nsrk-pkgr","summary":"Out-of-bounds Write\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5076","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5076"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31910","reference_id":"CVE-2023-31910","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31910"}],"fixed_packages":[],"aliases":["CVE-2023-31910"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4va-nsrk-pkgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45388?format=json","vulnerability_id":"VCID-ucve-wqaq-5yd1","summary":"Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5084","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5084"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34867","reference_id":"CVE-2023-34867","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34867"}],"fixed_packages":[],"aliases":["CVE-2023-34867"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ucve-wqaq-5yd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42110?format=json","vulnerability_id":"VCID-uefz-v5rg-8bgx","summary":"Reachable Assertion\nThere is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry-core/lit/lit-strings.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4920","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4920"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46345","reference_id":"CVE-2021-46345","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46345"}],"fixed_packages":[],"aliases":["CVE-2021-46345"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uefz-v5rg-8bgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42117?format=json","vulnerability_id":"VCID-ueya-bx43-73hf","summary":"Reachable Assertion\nThere is an Assertion 'local_tza == ecma_date_local_time_zone_adjustment (date_value)' failed at /jerry-core/ecma/builtin-objects/ecma-builtin-date-prototype.c(ecma_builtin_date_prototype_dispatch_set):421 in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4939","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4939"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46346","reference_id":"CVE-2021-46346","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46346"}],"fixed_packages":[],"aliases":["CVE-2021-46346"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueya-bx43-73hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42141?format=json","vulnerability_id":"VCID-uye6-f6w4-wqb3","summary":"Out-of-bounds Write\nJerryscript was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4901","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4901"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22893","reference_id":"CVE-2022-22893","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22893"}],"fixed_packages":[],"aliases":["CVE-2022-22893"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uye6-f6w4-wqb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45180?format=json","vulnerability_id":"VCID-uzvh-qmgc-juf7","summary":"Memory Allocation with Excessive Size Value\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5071","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5071"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31914","reference_id":"CVE-2023-31914","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31914"}],"fixed_packages":[],"aliases":["CVE-2023-31914"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzvh-qmgc-juf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42181?format=json","vulnerability_id":"VCID-wjwq-qn34-1qd2","summary":"Reachable Assertion\nThere is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4876","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4876"},{"reference_url":"https://security.samsungmobile.com/securityUpdate.smsb","reference_id":"","reference_type":"","scores":[],"url":"https://security.samsungmobile.com/securityUpdate.smsb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44993","reference_id":"CVE-2021-44993","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44993"}],"fixed_packages":[],"aliases":["CVE-2021-44993"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjwq-qn34-1qd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42106?format=json","vulnerability_id":"VCID-xv39-kbyz-7feu","summary":"Reachable Assertion\nThere is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4927","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4927"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46336","reference_id":"CVE-2021-46336","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46336"}],"fixed_packages":[],"aliases":["CVE-2021-46336"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xv39-kbyz-7feu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45166?format=json","vulnerability_id":"VCID-y6qb-5zby-a3cp","summary":"Reachable Assertion\nJerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5068","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5068"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31921","reference_id":"CVE-2023-31921","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31921"}],"fixed_packages":[],"aliases":["CVE-2023-31921"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6qb-5zby-a3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45163?format=json","vulnerability_id":"VCID-ycvt-ak76-duge","summary":"Reachable Assertion\nJerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5061","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5061"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31913","reference_id":"CVE-2023-31913","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31913"}],"fixed_packages":[],"aliases":["CVE-2023-31913"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycvt-ak76-duge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42113?format=json","vulnerability_id":"VCID-zbqb-uwgx-nffg","summary":"Reachable Assertion\nThere is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4928","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4928"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46344","reference_id":"CVE-2021-46344","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46344"}],"fixed_packages":[],"aliases":["CVE-2021-46344"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbqb-uwgx-nffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42115?format=json","vulnerability_id":"VCID-ze5f-j4ny-8ueh","summary":"Reachable Assertion\nThere is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECMA_OBJECT_TYPE_PROXY' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/4937","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/4937"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46349","reference_id":"CVE-2021-46349","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46349"}],"fixed_packages":[],"aliases":["CVE-2021-46349"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze5f-j4ny-8ueh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45156?format=json","vulnerability_id":"VCID-zm48-kdxj-mub9","summary":"Out-of-bounds Write\nJerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.","references":[{"reference_url":"https://github.com/jerryscript-project/jerryscript/issues/5066","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/jerryscript-project/jerryscript/issues/5066"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31906","reference_id":"CVE-2023-31906","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31906"}],"fixed_packages":[],"aliases":["CVE-2023-31906"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm48-kdxj-mub9"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/jerryscript@3.0.0"}