Moddable ≫ Moddable

Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c.

OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c.

OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c.

OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.

OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.

OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.

OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.

OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.

Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61.

Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV).