Your submission was sent successfully! Close

CVE-2021-43453

Published: 7 April 2022

A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
iotjs
Launchpad, Ubuntu, Debian 		bionic Needs triage

impish Needs triage

jammy Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading