Your submission was sent successfully! Close

CVE-2021-43453

Published: 7 April 2022

A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
iotjs
Launchpad, Ubuntu, Debian
bionic Needs triage

impish Needs triage

jammy Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)