CVE-2021-46340: 
Homebrew vulnerability analysis and mitigation

A vulnerability was discovered in JerryScript version 3.0.0, identified as CVE-2021-46340. The issue involves an assertion failure in the JavaScript scanner component at the scannerscanstatement_end function in /parser/js/js-scanner.c. The vulnerability was discovered and reported by the OWL337 team on January 4, 2022 (GitHub Issue).

The vulnerability occurs when processing specific JavaScript code patterns involving async arrow functions. The issue manifests as an assertion failure with the condition 'contextp->stacktopuint8 == SCANSTACKTRYSTATEMENT || contextp->stacktopuint8 == SCANSTACKCATCHSTATEMENT' in the scannerscanstatement_end function. According to the National Vulnerability Database, this vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a program crash through an assertion failure when processing malformed JavaScript code. This primarily affects the availability of the JerryScript engine when processing specially crafted input (NVD).

The vulnerability affects JerryScript version 3.0.0. Users should update to a patched version of JerryScript when available. The issue was reported and tracked through the project's GitHub repository (GitHub Issue).