CVE-2020-13622

Published: May 27, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.

Affected (1)

Products: Jerryscript: Jerryscript

Jerryscript

1 product

Jerryscript

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jerryscript Jerryscript	Version 2.2.0

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (4)

https://github.com/jerryscript-project/jerryscript/issues/3787

Source: cve@mitre.org

Third Party Advisory

https://github.com/jerryscript-project/jerryscript/pull/3797

Source: cve@mitre.org

Third Party Advisory

https://github.com/jerryscript-project/jerryscript/issues/3787

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/jerryscript-project/jerryscript/pull/3797

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.