exploitDog

CVE-2021-33444

Опубликовано: 26 июл. 2022

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.

Ссылки

https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d
Third Party Advisory
https://github.com/cesanta/mjs/issues/166
Exploit
Issue Tracking
Patch
Third Party Advisory
https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d
Third Party Advisory
https://github.com/cesanta/mjs/issues/166
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cesanta:mjs:*:*:*:*:*:*:*:*

Версия до 2.20.0 (исключая)

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-w2x5-64hf-jr76

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476