CVE-2022-30974

Опубликовано: 18 мая 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.

Ссылки

https://github.com/ccxvii/mujs/issues/162
Exploit
Issue Tracking
Patch
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO/
https://www.debian.org/security/2022/dsa-5291
Third Party Advisory
https://github.com/ccxvii/mujs/issues/162
Exploit
Issue Tracking
Patch
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO/
https://www.debian.org/security/2022/dsa-5291
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:artifex:mujs:*:*:*:*:*:*:*:*

Версия до 1.2.0 (включая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-674

Связанные уязвимости

CVE-2022-30974

CVSS3: 5.5

ubuntu

больше 3 лет назад

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.

CVE-2022-30974

CVSS3: 5.5

debian

больше 3 лет назад

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack con ...

GHSA-x9pv-h28p-55w8

CVSS3: 5.5

github

больше 3 лет назад

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-674