Browse all 6 CVE security advisories affecting Jsish. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Jsish is a lightweight scripting language implementation of JavaScript designed for embedded systems and automation tasks. Historically, it has been associated with several remote code execution vulnerabilities due to unsafe evaluation functions and input validation flaws. Cross-site scripting (XSS) vulnerabilities have also been prevalent, often stemming from improper sanitization of user-supplied data. While no major public security incidents have been documented, the six CVEs recorded reveal consistent patterns of privilege escalation risks through insecure default configurations and insufficient access controls. The project's minimal attack surface is offset by recurring issues in input handling and sandboxing mechanisms, requiring careful implementation in security-sensitive environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-1010177 | Jsish 资源管理错误漏洞 — Jsi | 9.8 | - | 2019-07-24 |
| CVE-2019-1010173 | Jsish 输入验证错误漏洞 — Jsi | 7.5 | - | 2019-07-23 |
| CVE-2019-1010171 | Jsish 代码问题漏洞 — Jsi | 7.5 | - | 2019-07-23 |
| CVE-2019-1010170 | Jsish 资源管理错误漏洞 — Jsi | 7.5 | - | 2019-07-23 |
| CVE-2019-1010169 | Jsish 缓冲区错误漏洞 — Jsi | 7.5 | - | 2019-07-23 |
This page lists every published CVE security advisory associated with Jsish. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.