What the vulnerability does

01Description

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.

Key dates

02Disclosure timeline

April 17, 2023 CVE published
February 6, 2025 Record updated