PT-2023-25040 · Unknown · Jerryscript

Ejueon

Publicado

2023-06-14

Atualizado

2025-01-02

CVE-2023-34868

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Jerryscript version 3.0 (commit 05dbbd1)

Description The issue is related to an Assertion Failure in the parser parse for statement start function at jerry-core/parser/js/js-parser-statm.c. This failure can occur due to a problem in the parsing mechanism of Jerryscript.

Recommendations For Jerryscript version 3.0 (commit 05dbbd1), consider disabling the parser parse for statement start function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-617

Identificadores relacionados

CVE-2023-34868

Produtos afetados

Jerryscript

PT-2023-25040 · Unknown · Jerryscript

CVE-2023-34868

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9