CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33796

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile38.04th
PublishedJul 7, 2023
Last ModifiedNov 21, 2024

Vulnerability Description

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

Affected Platforms (CPE)

📦
Artifex

Mujs

< 1.1.2

References & Advisories

🔗 https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515
🔗 https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515

Related Vulnerabilities

CVE-2019-114119.8

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based ...

CVE-2021-450059.8

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally...

CVE-2019-127989.8

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...

CVE-2021-33796 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space