7.5

CVE-2019-11412

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ArtifexMujs Version1.0.5
FedoraprojectFedora Version31
FedoraprojectFedora Version32
FedoraprojectFedora Version33
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.76% 0.818
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-670 Always-Incorrect Control Flow Implementation

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

https://bugs.ghostscript.com/show_bug.cgi?id=700947
Vendor Advisory
Issue Tracking
Permissions Required