CVE-2021-43453: Buffer Overflow
First published: Thu Apr 07 2022(Updated: )
A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jerryscript Jerryscript | <=2.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this JerryScript vulnerability?
The vulnerability ID for this JerryScript vulnerability is CVE-2021-43453.
What is the severity of CVE-2021-43453?
The severity of CVE-2021-43453 is critical with a score of 9.8.
How does the vulnerability CVE-2021-43453 occur?
The vulnerability CVE-2021-43453 occurs due to a Heap-based Buffer Overflow in JerryScript 2.4.0 and prior versions.
Which software versions are affected by CVE-2021-43453?
CVE-2021-43453 affects JerryScript versions up to and including 2.4.0.
Is there a fix available for CVE-2021-43453?
Currently, there is no available fix for CVE-2021-43453. It is recommended to follow the official JerryScript project for any updates or patches.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jerryscript
- canonical/jerryscript jerryscript
- version/jerryscript jerryscript/2.4.0