{"id":"CVE-2020-25462","details":"Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.","modified":"2026-04-11T11:23:24.531050Z","published":"2020-12-04T17:15:12.493Z","references":[{"type":"ADVISORY","url":"https://github.com/Moddable-OpenSource/moddable/releases/tag/OS200903"},{"type":"EVIDENCE","url":"https://github.com/Moddable-OpenSource/moddable/issues/432"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moddable-opensource/moddable","events":[{"introduced":"0"},{"fixed":"13b939d91415059d75d666eeb0150a406e8aad1c"},{"fixed":"5639abb24b6d725554969dc0be5822edb54a4a08"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"os200908"}]}}],"versions":["OS200831","OS200903"],"database_specific":{"vanir_signatures_modified":"2026-04-11T11:23:24Z","vanir_signatures":[{"signature_type":"Line","target":{"file":"tools/adpcm-lib.c"},"id":"CVE-2020-25462-3324651c","deprecated":false,"source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["163763250241959081810483249651220768029","196167388763708074432343828433249770400","259217368796255899204184698927223548289","170851852752589358369262650058775792039"]}},{"signature_type":"Function","target":{"function":"adpcm_decode_block","file":"tools/adpcm-lib.c"},"id":"CVE-2020-25462-f94c5122","deprecated":false,"source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","signature_version":"v1","digest":{"function_hash":"296004142866316237889337510996652216417","length":1469}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25462.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}