CVE-2022-30974

Name
CVE-2022-30974
Description
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/ccxvii/mujs/issues/162
Third Party Advisory https://www.debian.org/security/2022/dsa-5291
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:artifex:mujs:*:*:*:*:*:*:*:* mujs >= None <= 1.2.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
mujs 3.17-community 1.3.0-r0 Jakub Jirutka <jakub@jirutka.cz> fixed