vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13991
Reference (s):
- https://github.com/googleprojectzero/fuzzilli#JerryScript
- https://github.com/jerryscript-project/jerryscript/issues/3858
- https://github.com/jerryscript-project/jerryscript/issues/3859
- https://github.com/jerryscript-project/jerryscript/issues/3860
- https://github.com/jerryscript-project/jerryscript/pull/3867