CVE-2021-45005
published 2022-02-14CVE-2021-45005: Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | mujs | — | — |
| artifex | mujs | >= 0 < 1.1.0-1+deb11u1 | 1.1.0-1+deb11u1 |
| artifex | mujs | >= 0 < 1.1.3-4 | 1.1.3-4 |
| artifex | mujs | >= 0 < 1.1.3-4 | 1.1.3-4 |
| artifex | mujs | >= 0 < 1.1.3-4 | 1.1.3-4 |
| artifex | mujs | >= 0 < 1.1.3-3ubuntu0.1~esm1 | 1.1.3-3ubuntu0.1~esm1 |
| debian | mujs | < mujs 1.1.3-4 (bookworm) | mujs 1.1.3-4 (bookworm) |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL