CVE-2020-13649

Опубликовано: 28 мая 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.

Ссылки

https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24
Patch
Third Party Advisory
https://github.com/jerryscript-project/jerryscript/issues/3786
Third Party Advisory
https://github.com/jerryscript-project/jerryscript/issues/3788
Third Party Advisory
https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24
Patch
Third Party Advisory
https://github.com/jerryscript-project/jerryscript/issues/3786
Third Party Advisory
https://github.com/jerryscript-project/jerryscript/issues/3788
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jerryscript:jerryscript:2.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00401

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2020-13649

CVSS3: 7.5

ubuntu

больше 5 лет назад

CVE-2020-13649

CVSS3: 7.5

debian

больше 5 лет назад

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during c ...

GHSA-47mc-x3rj-x64v

github

больше 3 лет назад

EPSS

Процентиль: 60%

0.00401

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476