CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-45005

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1850%
EPSS Percentile13.49th
Published2022年2月14日
Last Modified2024年11月21日

Vulnerability Description

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.

Affected Platforms (CPE)

📦
Artifex

Mujs

= 1.1.3

References & Advisories

🔗 https://bugs.ghostscript.com/show_bug.cgi?id=704749
🔗 https://github.com/ccxvii/mujs/commit/df8559e7bdbc6065276e786217eeee70f28fce66
🔗 https://bugs.ghostscript.com/show_bug.cgi?id=704749
🔗 https://github.com/ccxvii/mujs/commit/df8559e7bdbc6065276e786217eeee70f28fce66

相關漏洞威脅

CVE-2021-3379610.0

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...

CVE-2019-127989.8

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to ...

CVE-2019-114119.8

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based ...