Vulnerabilities

CVE-2020-24345

by Fred · 13/08/2020

** DISPUTED ** JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the –stack-limit option.

Date published : 2020-08-13

https://github.com/jerryscript-project/jerryscript/issues/3977

Similar

Tags: Cybersecurity Alert