Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsi_ValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appear to be exploitable via a crafted javascript code. This vulnerability appears to have been fixed in 2.4.67.
Max CVSS
6.5
EPSS Score
0.08%
Published
2018-08-20
Updated
2018-10-25
jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in Jsi_LogMsg (jsiUtils.c:196) that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been fixed in 2.4.69.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-09-06
Updated
2018-10-25
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-09-06
Updated
2018-10-25
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-09-06
Updated
2018-10-25
jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. The impact is: denial of service. The component is: function Jsi_StrcmpDict (jsiChar.c:121). The attack vector is: The victim must execute crafted javascript code. The fixed version is: 2.4.77.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-07-23
Updated
2019-10-09
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexer_getchar (jsiLexer.c:9). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
Jsish 2.4.77 2.0477 is affected by: Use After Free. The impact is: denial of service. The component is: function Jsi_ObjFree (jsiObj.c:230). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsi_DumpFunctions (jsiEval.c:567). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. The impact is: denial of service. The component is: function jsiValueGetString (jsiUtils.c). The attack vector is: executing crafted javascript code. The fixed version is: after commit f3a8096e0ce44bbf36c1dcb6e603adf9c8670c39.
Max CVSS
7.5
EPSS Score
0.10%
Published
2019-07-25
Updated
2019-08-01
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function Jsi_ValueArrayIndex (jsiValue.c:366). The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2020-08-24
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
Max CVSS
9.8
EPSS Score
0.51%
Published
2019-07-24
Updated
2019-08-01
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.63%
Published
2021-07-13
Updated
2021-07-15
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.80%
Published
2021-07-13
Updated
2021-07-15
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.80%
Published
2021-07-13
Updated
2021-07-15
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
Max CVSS
7.5
EPSS Score
0.33%
Published
2021-07-13
Updated
2021-07-15
An issue found in Jsish v.3.0.11 allows a remote attacker to cause a denial of service via the Jsi_ValueIsNumber function in ./src/jsiValue.c file.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-04-04
Updated
2023-04-10
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-04-04
Updated
2023-04-10
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-04-04
Updated
2023-04-10
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
Max CVSS
5.5
EPSS Score
0.07%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).
Max CVSS
5.5
EPSS Score
0.07%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service (DoS).
Max CVSS
5.5
EPSS Score
0.07%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
Max CVSS
5.5
EPSS Score
0.07%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
Max CVSS
5.5
EPSS Score
0.07%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c.
Max CVSS
5.5
EPSS Score
0.05%
Published
2022-01-25
Updated
2022-01-27
Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c.
Max CVSS
7.8
EPSS Score
0.08%
Published
2022-01-25
Updated
2022-01-27
52 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!