CVE-2018-11418

Published May 24th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c.

jerryscript-project/jerryscript

Ultra-lightweight JavaScript engine for the Internet of Things.

GitHub

7.39K