PT-2022-11717 · Unknown · Jerryscript

Symatrix6

Published

2022-05-12

Updated

2022-05-23

CVE-2021-42863

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions JerryScript version fe3a5c0

Description A buffer overflow in the ecma builtin typedarray prototype filter() function allows an attacker to construct a fake object or a fake arraybuffer with unlimited size.

Recommendations For JerryScript version fe3a5c0, consider disabling the ecma builtin typedarray prototype filter() function until a patch is available to prevent exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-42863

Affected Products

Jerryscript

PT-2022-11717 · Unknown · Jerryscript

CVE-2021-42863

Weakness Enumeration

Related Identifiers

Affected Products

References · 11