Lucene search

K
cveMitreCVE-2021-33449
HistoryJul 26, 2022 - 1:15 p.m.

CVE-2021-33449

2022-07-2613:15:09
CWE-476
mitre
web.nvd.nist.gov
32
6
cve-2021-33449
mjs
javascript engine
null pointer dereference
security
nvd

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

46.0%

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.

Affected configurations

Nvd
Node
cesantamjsRange<2.20.0
VendorProductVersionCPE
cesantamjs*cpe:2.3:a:cesanta:mjs:*:*:*:*:*:*:*:*

Social References

More

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

46.0%

Related for CVE-2021-33449