exploitDog

GHSA-92m7-86f6-r2hj

Опубликовано: 23 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

Ссылки

EPSS

Процентиль: 52%

0.0029

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2023-43338

CVSS3: 9.8

nvd

больше 2 лет назад

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

EPSS

Процентиль: 52%

0.0029

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787