Mujs
by Artifex
Source repositories
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45005 | 0.00 | — | 0.01 | Feb 14, 2022 | Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | |||
| CVE-2020-24343 | 0.00 | — | 0.01 | Aug 13, 2020 | Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. | |||
| CVE-2019-12798 | 0.00 | — | 0.02 | Jun 13, 2019 | An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. | |||
| CVE-2019-11413 | 0.00 | — | 0.02 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. | |||
| CVE-2019-11412 | 0.00 | — | 0.02 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. | |||
| CVE-2019-11411 | 0.00 | — | 0.03 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow. |
- CVE-2021-45005Feb 14, 2022risk 0.00cvss —epss 0.01
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.
- CVE-2020-24343Aug 13, 2020risk 0.00cvss —epss 0.01
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
- CVE-2019-12798Jun 13, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.
- CVE-2019-11413Apr 21, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.
- CVE-2019-11412Apr 21, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
- CVE-2019-11411Apr 21, 2019risk 0.00cvss —epss 0.03
An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.
Page 2 of 2