CVE-2023-31906

Опубликовано: 10 мая 2023

Источник: debian

EPSS Низкий

Описание

Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
iotjs	removed			package
iotjs	ignored		buster	package

Примечания

https://github.com/jerryscript-project/jerryscript/issues/5066

EPSS

Процентиль: 25%

0.00086

Низкий

Связанные уязвимости

CVE-2023-31906

CVSS3: 7.8

ubuntu

больше 2 лет назад

Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.

CVE-2023-31906

CVSS3: 7.8

nvd

больше 2 лет назад

Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.

GHSA-44q9-g282-869g

CVSS3: 7.8

github

больше 2 лет назад

Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.

EPSS

Процентиль: 25%

0.00086

Низкий