mjs
by Cesanta
CVEs (83)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-30088 | Med | 0.36 | 5.5 | 0.00 | May 9, 2023 | An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c. | ||
| CVE-2023-30087 | Med | 0.36 | 5.5 | 0.00 | May 9, 2023 | Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c. | ||
| CVE-2023-29570 | Med | 0.36 | 5.5 | 0.00 | Apr 24, 2023 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2023-29569 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2023 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2023-29571 | Med | 0.36 | 5.5 | 0.00 | Apr 12, 2023 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2021-36535 | Med | 0.36 | 5.5 | 0.00 | Feb 3, 2023 | Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf. | ||
| CVE-2021-33449 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c. | ||
| CVE-2021-33448 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390. | ||
| CVE-2021-33447 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c. | ||
| CVE-2021-33446 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c. | ||
| CVE-2021-33445 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c. | ||
| CVE-2021-33444 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c. | ||
| CVE-2021-33443 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c. | ||
| CVE-2021-33441 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c. | ||
| CVE-2021-33440 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c. | ||
| CVE-2021-33439 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c. | ||
| CVE-2021-33438 | Med | 0.36 | 5.5 | 0.00 | Jul 26, 2022 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c. | ||
| CVE-2021-46556 | Med | 0.36 | 5.5 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2021-46554 | Med | 0.36 | 5.5 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2021-46553 | Med | 0.36 | 5.5 | 0.01 | Jan 27, 2022 | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS). |
- risk 0.36cvss 5.5epss 0.00
An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.
- risk 0.36cvss 5.5epss 0.00
Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c.
- risk 0.36cvss 5.5epss 0.00
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.00
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.00
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.00
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.
- risk 0.36cvss 5.5epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.01
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).
Page 2 of 5