exploitDog

CVE-2019-1010172

Опубликовано: 25 июл. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. The impact is: denial of service. The component is: function jsiValueGetString (jsiUtils.c). The attack vector is: executing crafted javascript code. The fixed version is: after commit f3a8096e0ce44bbf36c1dcb6e603adf9c8670c39.

Ссылки

https://jsish.org/fossil/jsi/tktview/16f01b0177c2e309ab01102feb76b39d57a3eb66
Vendor Advisory
https://jsish.org/fossil/jsi/tktview/16f01b0177c2e309ab01102feb76b39d57a3eb66
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jsish:jsish:2.4.84_2.0484:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00536

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-mvhf-wv9j-hp9m

CVSS3: 7.5

github

больше 3 лет назад

Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. The impact is: denial of service. The component is: function jsiValueGetString (jsiUtils.c). The attack vector is: executing crafted javascript code. The fixed version is: after commit f3a8096e0ce44bbf36c1dcb6e603adf9c8670c39.

EPSS

Процентиль: 67%

0.00536

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400