JerryScript 2.2.0 re-parser.c re_parse_char_escape heap-based overflow

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in JerryScript 2.2.0. It has been classified as critical. Affected is the function re_parse_char_escape of the file re-parser.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1133769706/13/2021VulD...confirm_urlhttps://github.com/jerryscript-project/jerryscript/issues/3871cve.mitre.org06/13/2021accepted70
1133769606/13/2021VulD...cve_nvd_summaryThere is a heap-buffer-overflow at re-parser.c in re_parse_char_escape in JerryScript 2.2.0.cve.mitre.org06/13/2021accepted70
1133769506/13/2021VulD...cve_assigned1597269600cve.mitre.org06/13/2021accepted70
1133336906/11/2021VulD...price_0day$0-$5ksee documentation06/11/2021accepted90
1133336806/11/2021VulD...cvss3_meta_tempscore5.5see documentation06/11/2021accepted90
1133336706/11/2021VulD...cvss3_meta_basescore5.5see documentation06/11/2021accepted90
1133336606/11/2021VulD...cvss3_vuldb_tempscore5.506/11/2021accepted90
1133336506/11/2021VulD...cvss3_vuldb_basescore5.506/11/2021accepted90
1133336406/11/2021VulD...cvss2_vuldb_tempscore5.206/11/2021accepted90
1133336306/11/2021VulD...cvss2_vuldb_basescore5.206/11/2021accepted90
1133336206/11/2021VulD...cvss3_vuldb_rlXderived from historical data06/11/2021accepted80
1133336106/11/2021VulD...cvss3_vuldb_eXderived from historical data06/11/2021accepted80
1133336006/11/2021VulD...cvss3_vuldb_prLderived from historical data06/11/2021accepted80
1133335906/11/2021VulD...cvss3_vuldb_avAderived from historical data06/11/2021accepted80
1133335806/11/2021VulD...cvss2_vuldb_rlNDderived from historical data06/11/2021accepted80
1133335706/11/2021VulD...cvss2_vuldb_eNDderived from historical data06/11/2021accepted80
1133335606/11/2021VulD...cvss2_vuldb_auSderived from historical data06/11/2021accepted80
1133335506/11/2021VulD...cvss2_vuldb_avAderived from historical data06/11/2021accepted80
1133335406/11/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector06/11/2021accepted80
1133335306/11/2021VulD...cvss2_vuldb_aiPderived from vuldb v3 vector06/11/2021accepted80

Do you need the next level of professionalism?

Upgrade your account now!