cbcvebase.

Debian Mujs vulnerabilities

30 known vulnerabilities affecting debian/mujs.

Total CVEs
30
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH4MEDIUM1LOW22

Vulnerabilities

Page 1 of 2
CVE-2022-44789HIGHCVSS 8.8fixed in mujs 1.3.2-1 (bookworm)2022
CVE-2022-44789 [HIGH] CVE-2022-44789: mujs - A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.... A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. Scope: local bookworm: resolved (fixed in 1.3.2-1) bullseye: resolved (fixed in 1.1.0-1+deb11u2) forky: resolved (fixed in 1.3.2-1) sid: resolved (fi
debian
CVE-2022-30974HIGHCVSS 7.5fixed in mujs 1.2.0-3 (bookworm)2022
CVE-2022-30974 [HIGH] CVE-2022-30974: mujs - compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption b... compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. Scope: local bookworm: resolved (fixed in 1.2.0-3) bullseye: resolved (fixed in 1.1.0-1+deb11u2) forky: resolved (fixed in 1.2.0-3) sid: resolved (fixed in 1.2.0-3) trixie: resolved (fixed in 1.2.0-3)
debian
CVE-2022-30975MEDIUMCVSS 5.5fixed in mujs 1.2.0-3 (bookworm)2022
CVE-2022-30975 [MEDIUM] CVE-2022-30975: mujs - In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer der... In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. Scope: local bookworm: resolved (fixed in 1.2.0-3) bullseye: resolved (fixed in 1.1.0-1+deb11u2) forky: resolved (fixed in 1.2.0-3) sid: resolved (fixed in 1.2.0-3) trixie: resolved (fixed in 1.2.0-3)
debian
CVE-2021-33797CRITICALCVSS 9.8fixed in mujs 1.1.3-2 (bookworm)2021
CVE-2021-33797 [CRITICAL] CVE-2021-33797: mujs - Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integ... Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d. Scope: local bookworm: resolved (fixed in 1.1.3-2) bullseye: resolved (fixed in 1.1.0-1+deb11u3) forky: resolved (fixed in 1.1.3-2) sid: resolved (fixed in 1.1.3-2)
debian
CVE-2021-45005CRITICALCVSS 9.8fixed in mujs 1.1.3-4 (bookworm)2021
CVE-2021-45005 [CRITICAL] CVE-2021-45005: mujs - Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is ca... Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. Scope: local bookworm: resolved (fixed in 1.1.3-4) bullseye: resolved (fixed in 1.1.0-1+deb11u1) forky: resolved (fixed in 1.1.3-4) sid: resolved (fixed in 1.1.3-4) trixie: resolved (fixed in 1.1.3-4)
debian
CVE-2021-33796CRITICALCVSS 10.0fixed in mujs 1.1.3-2 (bookworm)2021
CVE-2021-33796 [CRITICAL] CVE-2021-33796: mujs - In MuJS before version 1.1.2, a use-after-free flaw in the regexp source propert... In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service. Scope: local bookworm: resolved (fixed in 1.1.3-2) bullseye: open forky: resolved (fixed in 1.1.3-2) sid: resolved (fixed in 1.1.3-2) trixie: resolved (fixed in 1.1.3-2)
debian
CVE-2020-22885HIGHCVSS 7.5fixed in mujs 1.0.9-1 (bookworm)2020
CVE-2020-22885 [HIGH] CVE-2020-22885: mujs - Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC sc... Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 1.0.9-1) bullseye: resolved (fixed in 1.0.9-1) forky: resolved (fixed in 1.0.9-1) sid: resolved (fixed in 1.0.9-1) trixie: resolved (fixed in 1.0.9-1)
debian
CVE-2020-22886HIGHCVSS 7.5fixed in mujs 1.0.9-1 (bookworm)2020
CVE-2020-22886 [HIGH] CVE-2020-22886: mujs - Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs befor... Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 1.0.9-1) bullseye: resolved (fixed in 1.0.9-1) forky: resolved (fixed in 1.0.9-1) sid: resolved (fixed in 1.0.9-1) trixie: resolved (fixed in 1.0.9-1)
debian
CVE-2020-24343LOWCVSS 7.82020
CVE-2020-24343 [HIGH] CVE-2020-24343: mujs - Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditio... Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2019-11412LOWCVSS 7.52019
CVE-2019-11412 [HIGH] CVE-2019-11412: mujs - An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of... An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2019-11411LOWCVSS 9.82019
CVE-2019-11411 [CRITICAL] CVE-2019-11411: mujs - An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr... An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2019-12798LOWCVSS 9.82019
CVE-2019-12798 [CRITICAL] CVE-2019-12798: mujs - An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not res... An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2019-11413LOWCVSS 7.52019
CVE-2019-11413 [HIGH] CVE-2019-11413: mujs - An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion becaus... An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2018-6191LOWCVSS 5.5PoC2018
CVE-2018-6191 [MEDIUM] CVE-2018-6191: mujs - The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer ... The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2018-5759LOWCVSS 5.5PoC2018
CVE-2018-5759 [MEDIUM] CVE-2018-5759: mujs - jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth... jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2017-5628LOWCVSS 7.82017
CVE-2017-5628 [HIGH] CVE-2017-5628: mujs - An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d... An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2017-5627LOWCVSS 7.82017
CVE-2017-5627 [HIGH] CVE-2017-5627: mujs - An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708d... An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file. Scope: local bookworm: resolved bullseye: resolved forky: resolved si
debian
CVE-2016-7563LOWCVSS 7.52016
CVE-2016-7563 [HIGH] CVE-2016-7563: mujs - The chartorune function in Artifex Software MuJS allows attackers to cause a den... The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2016-7505LOWCVSS 9.82016
CVE-2016-7505 [CRITICAL] CVE-2016-7505: mujs - A buffer overflow vulnerability was observed in divby function of Artifex Softwa... A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2016-9017LOWCVSS 7.52016
CVE-2016-9017 [HIGH] CVE-2016-9017: mujs - Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allo... Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. Scope: local bookworm: resolved bullseye: resolved forky: resol
debian
1 / 2Next →