CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-33796

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile38.04th
Published2023年7月7日
Last Modified2024年11月21日

Vulnerability Description

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

Affected Platforms (CPE)

📦
Artifex

Mujs

< 1.1.2

References & Advisories

🔗 https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515
🔗 https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515

相關漏洞威脅

CVE-2019-114119.8

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based ...

CVE-2021-450059.8

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally...

CVE-2019-127989.8

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...