CVE-2019-11412 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 81%

Vendor	Product	Version
artifex	mujs	1.0.5

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

mujs

bullseye	1.1.0-1+deb11u3 fixed
bullseye (security)	1.1.0-1+deb11u2 fixed
bookworm	1.3.2-1 fixed
sid	1.3.5-1 fixed
trixie	1.3.5-1 fixed

Common Weakness Enumeration

CWE-670 - Always-Incorrect Control Flow Implementation
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

References

http://www.ghostscript.com/cgi-bin/findgit.cgi?1e5479084bc9852854feb1ba9bf68b52cd127e02

http://www.securityfocus.com/bid/108093

https://bugs.ghostscript.com/show_bug.cgi?id=700947

https://github.com/ccxvii/mujs/commit/1e5479084bc9852854feb1ba9bf68b52cd127e02

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI/

https://security.gentoo.org/glsa/202007-52

http://www.ghostscript.com/cgi-bin/findgit.cgi?1e5479084bc9852854feb1ba9bf68b52cd127e02

http://www.securityfocus.com/bid/108093

https://bugs.ghostscript.com/show_bug.cgi?id=700947

https://github.com/ccxvii/mujs/commit/1e5479084bc9852854feb1ba9bf68b52cd127e02

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI/

https://security.gentoo.org/glsa/202007-52