Latest artifex mujs Vulnerabilities

CVE-2021-33796
In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.
Artifex MuJS<1.1.2
CVE-2021-33797
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *...
Artifex MuJS>=1.0.1<=1.1.1
CVE-2022-44789
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a cra...
debian/mujs
Artifex MuJS>=1.0.0<1.3.2
Debian Debian Linux=11.0
Fedoraproject Fedora=37
CVE-2022-30975
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
Artifex MuJS<=1.2.0
Debian Debian Linux=11.0
Fedoraproject Fedora=37
debian/mujs
CVE-2022-30974
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
Artifex MuJS<=1.2.0
Debian Debian Linux=11.0
Fedoraproject Fedora=37
debian/mujs
CVE-2021-45005
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.
Artifex MuJS=1.1.3
CVE-2020-22885
Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.
Artifex MuJS<1.0.8
CVE-2020-22886
Artifex MuJS<1.0.8
CVE-2020-24343
Artifex MuJS<=1.0.7
CVE-2019-12798
Artifex MuJS=1.0.5
CVE-2019-11413
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.
Artifex MuJS=1.0.5
CVE-2019-11412
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
Artifex MuJS=1.0.5
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2019-11411
An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.
Artifex MuJS=1.0.5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203