mjs
by Cesanta
CVEs (83)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-43338 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2023 | Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input. | ||
| CVE-2021-46527 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c. | ||
| CVE-2021-46526 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c. | ||
| CVE-2021-46525 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c. | ||
| CVE-2021-46524 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c. | ||
| CVE-2021-46523 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c. | ||
| CVE-2021-46522 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53. | ||
| CVE-2021-46521 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c. | ||
| CVE-2021-46520 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c. | ||
| CVE-2021-46519 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c. | ||
| CVE-2021-46518 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c. | ||
| CVE-2021-46513 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c. | ||
| CVE-2021-46509 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c. | ||
| CVE-2024-35386 | Hig | 0.49 | 7.5 | 0.01 | May 21, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file. | ||
| CVE-2023-49553 | Hig | 0.49 | 7.5 | 0.01 | Jan 2, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file. | ||
| CVE-2023-49552 | Hig | 0.49 | 7.5 | 0.01 | Jan 2, 2024 | An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | ||
| CVE-2023-49551 | Hig | 0.49 | 7.5 | 0.01 | Jan 2, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file. | ||
| CVE-2023-49550 | Hig | 0.49 | 7.5 | 0.01 | Jan 2, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. | ||
| CVE-2023-49549 | Hig | 0.49 | 7.5 | 0.01 | Jan 2, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file. | ||
| CVE-2024-35384 | Med | 0.36 | 5.5 | 0.00 | May 21, 2024 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file. |
- risk 0.64cvss 9.8epss 0.01
Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c.
- risk 0.51cvss 7.8epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.
- risk 0.49cvss 7.5epss 0.01
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.
- risk 0.49cvss 7.5epss 0.01
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file.
- risk 0.49cvss 7.5epss 0.01
An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.
- risk 0.49cvss 7.5epss 0.01
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file.
- risk 0.49cvss 7.5epss 0.01
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component.
- risk 0.49cvss 7.5epss 0.01
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file.
- risk 0.36cvss 5.5epss 0.00
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.
Page 1 of 5