Описание
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jsish:jsish:2.4.70_2.047:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01297
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
EPSS
Процентиль: 79%
0.01297
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416