PT-2020-16086 · Moddable · Moddable Sdk

Kvenux

Published

2020-12-04

Updated

2020-12-04

CVE-2020-25463

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Moddable SDK versions prior to OS200908

Description The issue is related to an invalid memory access in the fxUTF8Decode function at moddable/xs/sources/xsCommon.c:916, which causes a denial of service (SEGV).

Recommendations For Moddable SDK versions prior to OS200908, update to a version that includes the fix for the invalid memory access issue in the fxUTF8Decode function.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-25463

Affected Products

Moddable Sdk

PT-2020-16086 · Moddable · Moddable Sdk

CVE-2020-25463

Related Identifiers

Affected Products

References · 5