Stack Buffer Overflow in mJS JavaScript Engine Affecting Cesanta Products
CVE-2021-33448

5.5MEDIUM

Key Information:

Vendor

Cesanta

Status
Mjs
Vendor
CVE Published:
26 July 2022

What is CVE-2021-33448?

A stack buffer overflow vulnerability has been identified in the mJS Restricted JavaScript engine (ES6). This issue can potentially allow malicious actors to exploit the overflow, leading to unexpected behavior or errors in applications utilizing this JavaScript engine. The vulnerability manifests at a specific memory address (0x7fffe9049390), emphasizing the need for developers and systems integrators to apply relevant patches and updates to mitigate any associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/cesanta/mjs/issues/170
x_refsource_MISC
https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f7...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.