GCVE - cpe:2.3:a:artifex:mujs:1.0.5:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:artifex:mujs:1.0.5:*:*:*:*:*:*:*

part: a version: 1.0.5 update: *

Vendor	Artifex (`0075fabc-cec9-5063-a004-04a5c9db1a9b`)
Product	Mujs (`a2254e98-ee27-5160-9545-4188ab95f3e8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/mujs`	purl2cpe	2026-06-01 10:15:00.023046
`pkg:deb/ubuntu/mujs`	purl2cpe	2026-06-01 10:15:00.023048
`pkg:github/artifexsoftware/mujs`	purl2cpe	2026-06-01 10:15:00.023049
`pkg:github/ccxvii/mujs`	purl2cpe	2026-06-01 10:15:00.023051
`pkg:rpm/fedora/mujs`	purl2cpe	2026-06-01 10:15:00.023053
`pkg:rpm/opensuse/mujs`	purl2cpe	2026-06-01 10:15:00.023054

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-12798`	vulnerable	2026-06-03 14:39:36.132930	Details available An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. Published: 2019-06-13T16:58:21.000Z Updated: 2024-08-04T23:32:55.155Z Open on db.gcve.eu Reference links http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9 http://www.securityfocus.com/bid/108774	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-11413`	vulnerable	2026-06-03 14:39:32.969041	Details available An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. Published: 2019-04-21T19:14:47.000Z Updated: 2024-08-04T22:55:39.703Z Open on db.gcve.eu Reference links https://bugs.ghostscript.com/show_bug.cgi?id=700937 http://www.ghostscript.com/cgi-bin/findgit.cgi?00d4606c3baf813b7b1c176823b2729bf51002a2 https://github.com/ccxvii/mujs/commit/00d4606c3baf813b7b1c176823b2729bf51002a2 http://www.securityfocus.com/bid/108093 https://security.gentoo.org/glsa/202007-52	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-11412`	vulnerable	2026-06-03 14:39:32.966551	Details available An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. Published: 2019-04-21T19:14:37.000Z Updated: 2024-08-04T22:55:40.999Z Open on db.gcve.eu Reference links https://bugs.ghostscript.com/show_bug.cgi?id=700947 http://www.ghostscript.com/cgi-bin/findgit.cgi?1e5479084bc9852854feb1ba9bf68b52cd127e02 https://github.com/ccxvii/mujs/commit/1e5479084bc9852854feb1ba9bf68b52cd127e02 http://www.securityfocus.com/bid/108093 https://security.gentoo.org/glsa/202007-52	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-11411`	vulnerable	2026-06-03 14:39:32.966036	Details available An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow. Published: 2019-04-21T19:14:20.000Z Updated: 2024-08-04T22:55:41.052Z Open on db.gcve.eu Reference links https://bugs.ghostscript.com/show_bug.cgi?id=700938 http://www.ghostscript.com/cgi-bin/findgit.cgi?da632ca08f240590d2dec786722ed08486ce1be6 https://github.com/ccxvii/mujs/commit/da632ca08f240590d2dec786722ed08486ce1be6 http://www.securityfocus.com/bid/108093 https://security.gentoo.org/glsa/202007-52	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.