Jsish : Security Vulnerabilities, CVEs, Published In 2019 (Denial of service)
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
Max CVSS
9.8
EPSS Score
0.51%
Published
2019-07-24
Updated
2019-08-01
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function Jsi_ValueArrayIndex (jsiValue.c:366). The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2020-08-24
Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. The impact is: denial of service. The component is: function jsiValueGetString (jsiUtils.c). The attack vector is: executing crafted javascript code. The fixed version is: after commit f3a8096e0ce44bbf36c1dcb6e603adf9c8670c39.
Max CVSS
7.5
EPSS Score
0.10%
Published
2019-07-25
Updated
2019-08-01
Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsi_DumpFunctions (jsiEval.c:567). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
Jsish 2.4.77 2.0477 is affected by: Use After Free. The impact is: denial of service. The component is: function Jsi_ObjFree (jsiObj.c:230). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexer_getchar (jsiLexer.c:9). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
Max CVSS
7.5
EPSS Score
0.12%
Published
2019-07-23
Updated
2019-07-23
jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. The impact is: denial of service. The component is: function Jsi_StrcmpDict (jsiChar.c:121). The attack vector is: The victim must execute crafted javascript code. The fixed version is: 2.4.77.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-07-23
Updated
2019-10-09
7 vulnerabilities found