Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsi_ValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appear to be exploitable via a crafted javascript code. This vulnerability appears to have been fixed in 2.4.67.
References
Link | Resource |
---|---|
https://jsish.org/fossil/jsi/tktview/3b8f95574f2c9dddf5ffea71e0086b2e6f6dd71e | Exploit Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:21:58
Updated: 2022-10-03T16:21:58
Reserved: 2018-08-14T00:00:00
Link: CVE-2018-1000655
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-08-20T19:31:45.120
Modified: 2018-10-25T14:38:20.333
Link: CVE-2018-1000655
JSON object: View
Redhat Information
No data.
CWE