Description
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.
References (2)
Core 2
Core References
Patch x_refsource_misc
http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108774
Scores
CVSS v3
9.8
EPSS
0.0043
EPSS Percentile
63.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-185
Status
published
Products (1)
artifex/mujs
1.0.5
Published
Jun 13, 2019
Tracked Since
Feb 18, 2026