CVE-2021-33797

Name of the Vulnerable Software and Affected Versions Artifex MuJS versions 1.0.1 through 1.1.1

Description The issue is related to a buffer overflow in the jsdtoa.c file of Artifex MuJS. This occurs due to an integer overflow when the js strtod() function reads in a floating point exponent, leading to a buffer overflow in the pointer *d.

Recommendations For Artifex MuJS versions 1.0.1 through 1.1.1, consider updating to a version that fixes the buffer overflow issue in jsdtoa.c. As a temporary workaround, consider restricting the input to the js strtod() function to prevent integer overflows.