VDB
CVE-2021-33797
CVE-2021-33797
REJECTED
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.
EPSS 0.39% · 60.7th percentile
Risk Scores
EPSS Score
0.39%
60.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:22.04:LTS | mujs | 0, 1.1.0-1, 1.1.3-2 |
Exploit Intelligence
Timeline
- Apr 17, 2023 CVE Published
- Apr 18, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 2, 2023 EPSS Score
- Aug 9, 2023 EPSS Score
- Sep 15, 2023 EPSS Score
- Oct 23, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 6, 2024 EPSS Score
- Feb 12, 2024 EPSS Score
- Mar 21, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-33797 third-party-advisory
- https://github.com/ccxvii/mujs/issues/148 third-party-advisory
- https://github.com/ccxvii/mujs/commit/833b6f1672b4f2991a63c4d05318f0b84ef4d550 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-33797 third-party-advisory