Vulnerabilities > CVE-2023-43338 - Out-of-bounds Write vulnerability in Cesanta MJS 2.20.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cesanta

CWE-787

critical

NVD

Published: 2023-09-23

Updated: 2023-09-26

Summary

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.

Vulnerable Configurations

Part	Description	Count
Application	Cesanta Cesanta MJS 2.20.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/cesanta/mjs/issues/250