PT-2020-16085 · Moddable · Moddable Sdk

Kvenux

Published

2020-12-04

Updated

2020-12-05

CVE-2020-25462

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Moddable SDK versions prior to OS200903

Description The issue is related to a heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562.

Recommendations For Moddable SDK versions prior to OS200903, update to a version that includes the fix for the heap buffer overflow in the fxCheckArrowFunction function.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2020-25462

Affected Products

Moddable Sdk

PT-2020-16085 · Moddable · Moddable Sdk

CVE-2020-25462

Weakness Enumeration

Related Identifiers

Affected Products

References · 6