{"id":"CVE-2020-25465","details":"Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV).","modified":"2026-04-11T11:23:24.785505Z","published":"2020-12-04T17:15:13.040Z","references":[{"type":"ADVISORY","url":"https://github.com/Moddable-OpenSource/moddable/releases/tag/OS200908"},{"type":"EVIDENCE","url":"https://github.com/Moddable-OpenSource/moddable/issues/442"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moddable-opensource/moddable","events":[{"introduced":"0"},{"fixed":"13b939d91415059d75d666eeb0150a406e8aad1c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"os200908"}]}}],"versions":["OS200831","OS200903"],"database_specific":{"vanir_signatures":[{"deprecated":false,"id":"CVE-2020-25465-3324651c","target":{"file":"tools/adpcm-lib.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","digest":{"threshold":0.9,"line_hashes":["163763250241959081810483249651220768029","196167388763708074432343828433249770400","259217368796255899204184698927223548289","170851852752589358369262650058775792039"]}},{"deprecated":false,"id":"CVE-2020-25465-f94c5122","target":{"function":"adpcm_decode_block","file":"tools/adpcm-lib.c"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/moddable-opensource/moddable/commit/13b939d91415059d75d666eeb0150a406e8aad1c","digest":{"function_hash":"296004142866316237889337510996652216417","length":1469}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25465.json","vanir_signatures_modified":"2026-04-11T11:23:24Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}