Mjs Cesanta Mjs

  1. Vendors
  2. Cesanta
  3. Mjs

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Cesanta Mjs.

By the Year

In 2025 there have been 0 vulnerabilities in Cesanta Mjs. Last year, in 2024 Mjs had 8 security vulnerabilities published. Right now, Mjs is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 8 7.50
2023 8 6.58
2022 57 5.98
2021 11 5.50
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Mjs vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Cesanta Mjs Security Vulnerabilities

An issue in Cesanta mjs 2.20.0

CVE-2024-35384 - May 21, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.

An issue in Cesanta mjs 2.20.0

CVE-2024-35385 - May 21, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file.

An issue in Cesanta mjs 2.20.0

CVE-2024-35386 - May 21, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.

An issue in Cesanta mjs 2.20.0

CVE-2023-49549 7.5 - High - January 02, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file.

An Out of Bounds Write in Cesanta mjs 2.20.0

CVE-2023-49552 7.5 - High - January 02, 2024

An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.

Out-of-bounds Read

An issue in Cesanta mjs 2.20.0

CVE-2023-49553 7.5 - High - January 02, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file.

An issue in Cesanta mjs 2.20.0

CVE-2023-49550 7.5 - High - January 02, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component.

An issue in Cesanta mjs 2.20.0

CVE-2023-49551 7.5 - High - January 02, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file.

Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string.

CVE-2023-50044 9.8 - Critical - December 20, 2023

Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string.

Classic Buffer Overflow

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr()

CVE-2023-43338 9.8 - Critical - September 23, 2023

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

Memory Corruption

Buffer Overflow vulnerability found in Cesanta MJS v.1.26

CVE-2023-30087 5.5 - Medium - May 09, 2023

Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c.

Memory Corruption

An issue found in Cesanta MJS v.1.26

CVE-2023-30088 5.5 - Medium - May 09, 2023

An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.

Buffer Overflow

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c

CVE-2023-29570 5.5 - Medium - April 24, 2023

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c

CVE-2023-29569 5.5 - Medium - April 14, 2023

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c

CVE-2023-29571 5.5 - Medium - April 12, 2023

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).

Buffer Overflow vulnerability in Cesanta mJS 1.26

CVE-2021-36535 5.5 - Medium - February 03, 2023

Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.

Memory Corruption

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33441 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33449 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33448 5.5 - Medium - July 26, 2022

An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.

Memory Corruption

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33447 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33446 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33445 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33444 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33442 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33443 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.

Memory Corruption

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33440 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.

NULL Pointer Dereference

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33439 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.

Integer Overflow or Wraparound

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33438 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.

Memory Corruption

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6)

CVE-2021-33437 5.5 - Medium - July 26, 2022

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c.

Memory Leak

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow

CVE-2021-46519 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c.

Memory Corruption

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow

CVE-2021-46518 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c.

Memory Corruption

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_stack_size at mjs/src/mjs_core.c

CVE-2021-46516 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_stack_size at mjs/src/mjs_core.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow

CVE-2021-46513 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c.

Classic Buffer Overflow

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_apply at src/mjs_exec.c

CVE-2021-46512 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_apply at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a stack overflow

CVE-2021-46509 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.

Stack Exhaustion

There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.

CVE-2021-46517 5.5 - Medium - January 27, 2022

There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.

assertion failure

There is an Assertion `mjs_stack_size(&mjs->scopes) >= scopes_len' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.

CVE-2021-46515 5.5 - Medium - January 27, 2022

There is an Assertion `mjs_stack_size(&mjs->scopes) >= scopes_len' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.

assertion failure

There is an Assertion 'ppos != NULL && mjs_is_number(*ppos)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.

CVE-2021-46514 5.5 - Medium - January 27, 2022

There is an Assertion 'ppos != NULL && mjs_is_number(*ppos)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.

assertion failure

There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.

CVE-2021-46511 5.5 - Medium - January 27, 2022

There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.

assertion failure

There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.

CVE-2021-46508 5.5 - Medium - January 27, 2022

There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.

assertion failure

There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0.

CVE-2021-46510 5.5 - Medium - January 27, 2022

There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0.

assertion failure

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow

CVE-2021-46520 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c.

Memory Corruption

Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow

CVE-2021-46521 7.8 - High - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c.

Classic Buffer Overflow

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c

CVE-2021-46556 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c

CVE-2021-46554 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c

CVE-2021-46553 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c

CVE-2021-46550 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c

CVE-2021-46549 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via add_lineno_map_item at src/mjs_bcode.c

CVE-2021-46548 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via add_lineno_map_item at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e

CVE-2021-46547 5.5 - Medium - January 27, 2022

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service (DoS).

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Cesanta Mjs or by Cesanta? Click the Watch button to subscribe.

Cesanta
Vendor

Cesanta Mjs
Product

subscribe