Lucene search
HistoryApr 17, 2023 - 10:15 p.m.
CVE-2021-33797
artifex mujs
integer overflow
buffer-overflow
vulnerability
jsdtoa.c
js_strtod()
floating point exponent
pointer *
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
44.5%
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.
Affected configurations
Node
artifexmujsRange1.0.1–1.1.1
Related
cve
cve
CVE-2021-33797
2023-04-17 22:15:07
veracode
veracode
Buffer Overflow
2023-04-22 03:23:10
prion
prion
Integer overflow
2023-04-17 22:15:00
debiancve
debiancve
CVE-2021-33797
2023-04-17 22:15:07
cvelist
cvelist
CVE-2021-33797
2023-04-17 00:00:00
osv
osv
CVE-2021-33797
2023-04-17 22:15:07
ubuntucve
ubuntucve
CVE-2021-33797
2023-04-17 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
44.5%
Related for NVD:CVE-2021-33797