JerryScript 2.2.0 ecma-helpers-string.c ecma_ref_ecma_string use after free

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in JerryScript 2.2.0. Affected is the function ecma_ref_ecma_string of the file ecma-helpers-string.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1133766106/13/2021VulD...confirm_urlhttps://github.com/jerryscript-project/jerryscript/issues/3748cve.mitre.org06/13/2021accepted70
1133766006/13/2021VulD...cve_nvd_summaryThere is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0cve.mitre.org06/13/2021accepted70
1133765906/13/2021VulD...cve_assigned1597269600cve.mitre.org06/13/2021accepted70
1133294706/11/2021VulD...price_0day$0-$5ksee documentation06/11/2021accepted90
1133294606/11/2021VulD...cvss3_meta_tempscore5.5see documentation06/11/2021accepted90
1133294506/11/2021VulD...cvss3_meta_basescore5.5see documentation06/11/2021accepted90
1133294406/11/2021VulD...cvss3_vuldb_tempscore5.506/11/2021accepted90
1133294306/11/2021VulD...cvss3_vuldb_basescore5.506/11/2021accepted90
1133294206/11/2021VulD...cvss2_vuldb_tempscore4.906/11/2021accepted90
1133294106/11/2021VulD...cvss2_vuldb_basescore4.906/11/2021accepted90
1133294006/11/2021VulD...cvss3_vuldb_rlXderived from historical data06/11/2021accepted80
1133293906/11/2021VulD...cvss3_vuldb_eXderived from historical data06/11/2021accepted80
1133293806/11/2021VulD...cvss3_vuldb_prLderived from historical data06/11/2021accepted80
1133293706/11/2021VulD...cvss3_vuldb_acLderived from historical data06/11/2021accepted80
1133293606/11/2021VulD...cvss3_vuldb_avAderived from historical data06/11/2021accepted80
1133293506/11/2021VulD...cvss2_vuldb_rlNDderived from historical data06/11/2021accepted80
1133293406/11/2021VulD...cvss2_vuldb_eNDderived from historical data06/11/2021accepted80
1133293306/11/2021VulD...cvss2_vuldb_auSderived from historical data06/11/2021accepted80
1133293206/11/2021VulD...cvss2_vuldb_acMderived from historical data06/11/2021accepted80
1133293106/11/2021VulD...cvss2_vuldb_avAderived from historical data06/11/2021accepted80

Want to stay up to date on a daily basis?

Enable the mail alert feature now!