JerryScript 2.4.0 ecma-helpers.c ecma_is_lexical_environment use after free

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in JerryScript 2.4.0. It has been classified as critical. Affected is the function ecma_is_lexical_environment of the file ecma-helpers.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1133764006/13/2021VulD...confirm_urlhttps://github.com/jerryscript-project/jerryscript/issues/4445cve.mitre.org06/13/2021accepted70
1133763906/13/2021VulD...cve_nvd_summaryAn issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.cve.mitre.org06/13/2021accepted70
1133763806/13/2021VulD...cve_assigned1611529200cve.mitre.org06/13/2021accepted70
1133273006/11/2021VulD...price_0day$0-$5ksee documentation06/11/2021accepted90
1133272906/11/2021VulD...cvss3_meta_tempscore5.5see documentation06/11/2021accepted90
1133272806/11/2021VulD...cvss3_meta_basescore5.5see documentation06/11/2021accepted90
1133272706/11/2021VulD...cvss3_vuldb_tempscore5.506/11/2021accepted90
1133272606/11/2021VulD...cvss3_vuldb_basescore5.506/11/2021accepted90
1133272506/11/2021VulD...cvss2_vuldb_tempscore4.906/11/2021accepted90
1133272406/11/2021VulD...cvss2_vuldb_basescore4.906/11/2021accepted90
1133272306/11/2021VulD...cvss3_vuldb_rlXderived from historical data06/11/2021accepted80
1133272206/11/2021VulD...cvss3_vuldb_eXderived from historical data06/11/2021accepted80
1133272106/11/2021VulD...cvss3_vuldb_prLderived from historical data06/11/2021accepted80
1133272006/11/2021VulD...cvss3_vuldb_acLderived from historical data06/11/2021accepted80
1133271906/11/2021VulD...cvss3_vuldb_avAderived from historical data06/11/2021accepted80
1133271806/11/2021VulD...cvss2_vuldb_rlNDderived from historical data06/11/2021accepted80
1133271706/11/2021VulD...cvss2_vuldb_eNDderived from historical data06/11/2021accepted80
1133271606/11/2021VulD...cvss2_vuldb_auSderived from historical data06/11/2021accepted80
1133271506/11/2021VulD...cvss2_vuldb_acMderived from historical data06/11/2021accepted80
1133271406/11/2021VulD...cvss2_vuldb_avAderived from historical data06/11/2021accepted80

Might our Artificial Intelligence support you?

Check our Alexa App!