Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Moddable
(Moddable)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-12 | CVE-2022-29368 | Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. | Moddable | 7.1 | ||
| 2021-11-19 | CVE-2021-29324 | OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c. | Moddable | 7.8 | ||
| 2021-11-19 | CVE-2021-29329 | OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c. | Moddable | 7.8 | ||
| 2021-11-19 | CVE-2021-29323 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c. | Moddable | 5.5 | ||
| 2021-11-19 | CVE-2021-29325 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c. | Moddable | 7.8 | ||
| 2021-11-19 | CVE-2021-29326 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c. | Moddable | 7.8 | ||
| 2021-11-19 | CVE-2021-29327 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c. | Moddable | 7.8 | ||
| 2021-11-19 | CVE-2021-29328 | OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c. | Moddable | 7.1 | ||
| 2019-09-16 | CVE-2019-16366 | In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. | Moddable, Xs | 9.8 | ||
| 2021-07-13 | CVE-2020-22882 | Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61. | Moddable | 7.5 |