CVE-2021-44988
Published: 25 January 2022
Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.
Priority
Medium
CVSS 3 base score: 7.8
Status
| Package | Release | Status |
|---|---|---|
|
iotjs Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
| impish |
Not vulnerable
(code not present)
|
|
| jammy |
Needs triage
|
|
| trusty |
Ignored
(out of standard support)
|
|
| upstream |
Not vulnerable
(debian: Vulnerable code introduced later)
|
|
| xenial |
Ignored
(out of standard support)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44988
- https://github.com/jerryscript-project/jerryscript/issues/4891
- https://github.com/jerryscript-project/jerryscript/issues/4890
- https://github.com/jerryscript-project/jerryscript/pull/4899
- https://security.samsungmobile.com/securityUpdate.smsb
- NVD
- Launchpad
- Debian