Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather than consuming it during OP_INSTANCEOF. As a result, OP_NEXT interprets the array as an iterator object and reads the iterCmd function pointer from an invalid structure, potentially causing a crash or enabling code execution depending on heap layout.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jsish 安全漏洞
Vulnerability Description
Jsish是pcmacdon个人开发者的一款使用C语言编写的、内置数据库的小型JavaScript解析器。 Jsish 2.0版本存在安全漏洞,该漏洞源于类型混淆,可能导致崩溃或代码执行。
CVSS Information
N/A
Vulnerability Type
N/A