Lucene search

MitreCVE-2021-36535

HistoryFeb 03, 2023 - 6:15 p.m.

CVE-2021-36535

2023-02-0318:15:10

CWE-787

mitre

web.nvd.nist.gov

cve

2021

36535

buffer overflow

cesanta

mjs

denial of service

remote attackers

crafted

.js file

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

41.9%

JSON

Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.

Affected configurations

Nvd

Node

cesantamjsMatch1.26

VendorProductVersionCPE
cesantamjs1.26cpe:2.3:a:cesanta:mjs:1.26:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cesanta	mjs	1.26	cpe:2.3:a:cesanta:mjs:1.26:::::::*

References

github.com/cesanta/mjs/issues/175

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

41.9%

JSON

Related for CVE-2021-36535