Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mjs
(Cesanta)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 81 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-01-02 | CVE-2023-49549 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file. | Mjs | 7.5 | ||
2024-01-02 | CVE-2023-49552 | An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | Mjs | 7.5 | ||
2024-01-02 | CVE-2023-49553 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file. | Mjs | 7.5 | ||
2024-01-02 | CVE-2023-49550 | An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. | Mjs | 7.5 | ||
2023-12-20 | CVE-2023-50044 | Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string. | Mjs | 9.8 | ||
2023-09-23 | CVE-2023-43338 | Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input. | Mjs | 9.8 | ||
2022-01-27 | CVE-2021-46509 | Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c. | Mjs | 7.8 | ||
2022-07-26 | CVE-2021-33437 | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c. | Mjs | 5.5 | ||
2023-05-09 | CVE-2023-30087 | Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c. | Mjs | 5.5 | ||
2023-05-09 | CVE-2023-30088 | An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c. | Mjs | 5.5 |