VYPR

mjs

by Cesanta

CVEs (83)

  • CVE-2023-43338CriSep 23, 2023
    risk 0.64cvss 9.8epss 0.01

    Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

  • CVE-2021-46527HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c.

  • CVE-2021-46526HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c.

  • CVE-2021-46525HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c.

  • CVE-2021-46524HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c.

  • CVE-2021-46523HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c.

  • CVE-2021-46522HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53.

  • CVE-2021-46521HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c.

  • CVE-2021-46520HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c.

  • CVE-2021-46519HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c.

  • CVE-2021-46518HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c.

  • CVE-2021-46513HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c.

  • CVE-2021-46509HigJan 27, 2022
    risk 0.51cvss 7.8epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.

  • CVE-2024-35386HigMay 21, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.

  • CVE-2023-49553HigJan 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file.

  • CVE-2023-49552HigJan 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.

  • CVE-2023-49551HigJan 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file.

  • CVE-2023-49550HigJan 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component.

  • CVE-2023-49549HigJan 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file.

  • CVE-2024-35384MedMay 21, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.

Page 1 of 5

VYPR — Vulnerability Intelligence