{"id":"CVE-2020-25463","details":"Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).","modified":"2026-04-11T11:23:23.969343Z","published":"2020-12-04T17:15:12.557Z","references":[{"type":"ADVISORY","url":"https://github.com/Moddable-OpenSource/moddable/releases/tag/OS200908"},{"type":"EVIDENCE","url":"https://github.com/Moddable-OpenSource/moddable/issues/440"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moddable-opensource/moddable","events":[{"introduced":"0"},{"fixed":"13b939d91415059d75d666eeb0150a406e8aad1c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"os200908"}]}}],"versions":["OS200831","OS200903"],"database_specific":{"vanir_signatures":[{"signature_type":"Line","id":"CVE-2020-25463-3324651c","deprecated":false,"signature_version":"v1","target":{"file":"tools/adpcm-lib.c"},"source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","digest":{"threshold":0.9,"line_hashes":["163763250241959081810483249651220768029","196167388763708074432343828433249770400","259217368796255899204184698927223548289","170851852752589358369262650058775792039"]}},{"signature_type":"Function","id":"CVE-2020-25463-f94c5122","deprecated":false,"signature_version":"v1","target":{"file":"tools/adpcm-lib.c","function":"adpcm_decode_block"},"source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","digest":{"length":1469,"function_hash":"296004142866316237889337510996652216417"}}],"vanir_signatures_modified":"2026-04-11T11:23:23Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25463.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}