CVE-2023-38961: Out-of-bounds Write

August 21, 2023 (updated August 24, 2023)

Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.

References

github.com/jerryscript-project/jerryscript/issues/5092
nvd.nist.gov/vuln/detail/CVE-2023-38961

Detect and mitigate CVE-2023-38961 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →