Jsish: >> Jsish >> 2.4.83_2.0483 Security Vulnerabilities
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-04
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-04
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.025
Published
2021-07-13
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-07-13
Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsi_DumpFunctions (jsiEval.c:567). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-07-23