cbcvebase.
CVE-2021-33796
published 2023-07-07

CVE-2021-33796: In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

Affected

6 ranges
VendorProductVersion rangeFixed in
artifexmujs< 1.1.21.1.2
artifexmujs>= 0 < 1.1.3-21.1.3-2
artifexmujs>= 0 < 1.1.3-21.1.3-2
artifexmujs>= 0 < 1.1.3-21.1.3-2
debianmujs< mujs 1.1.3-2 (bookworm)mujs 1.1.3-2 (bookworm)
mujsmujs1.1.1 – all

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH