CVE-2024-29489

Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415	Third Party Advisory Exploit Patch
https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6	Patch
https://github.com/jerryscript-project/jerryscript/issues/5101	Exploit Issue Tracking
https://github.com/jerryscript-project/jerryscript/pull/5129	Issue Tracking Patch
https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415	Third Party Advisory Exploit Patch
https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6	Patch
https://github.com/jerryscript-project/jerryscript/issues/5101	Exploit Issue Tracking
https://github.com/jerryscript-project/jerryscript/pull/5129	Issue Tracking Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:jerryscript:jerryscript:*:*:*:*:*:*:*:*

History

22 Sep 2025, 17:18

Type	Values Removed	Values Added
First Time		Jerryscript Jerryscript jerryscript
CPE		cpe:2.3:a:jerryscript:jerryscript::::::::
References	~~() https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415 -~~	() https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415 - Third Party Advisory, Exploit, Patch
References	~~() https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6 -~~	() https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6 - Patch
References	~~() https://github.com/jerryscript-project/jerryscript/issues/5101 -~~	() https://github.com/jerryscript-project/jerryscript/issues/5101 - Exploit, Issue Tracking
References	~~() https://github.com/jerryscript-project/jerryscript/pull/5129 -~~	() https://github.com/jerryscript-project/jerryscript/pull/5129 - Issue Tracking, Patch

21 Nov 2024, 09:08

Type	Values Removed	Values Added
References	~~() https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415 -~~	() https://gist.github.com/gandalf4a/9826a897ae1e3c8d1c7e71a1ec71d415 -
References	~~() https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6 -~~	() https://github.com/jerryscript-project/jerryscript/commit/cefd391772529c8a9531d7b3c244d78d38be47c6 -
References	~~() https://github.com/jerryscript-project/jerryscript/issues/5101 -~~	() https://github.com/jerryscript-project/jerryscript/issues/5101 -
References	~~() https://github.com/jerryscript-project/jerryscript/pull/5129 -~~	() https://github.com/jerryscript-project/jerryscript/pull/5129 -

22 Aug 2024, 19:35

Type	Values Removed	Values Added
Summary		(es) Jerryscript 2.4.0 tiene SEGV en ./jerry-core/ecma/base/ecma-helpers.c:238:58 en ecma_get_object_type.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-476

28 Mar 2024, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-28 23:15

Updated : 2025-09-22 17:18

NVD link : CVE-2024-29489

Mitre link : CVE-2024-29489

CVE.ORG link : CVE-2024-29489

JSON object : View

Products Affected

jerryscript

jerryscript

CWE

CWE-476

NULL Pointer Dereference

5.5 /10