PT-2022-12734 · Jsish · Jsish

Hope-Fly

·

Published

2022-01-27

·

Updated

2022-02-02

·

CVE-2021-46488

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Jsish version 3.5.0
Description A SEGV issue was found in Jsish via the jsi ArrayConcatCmd function at src/jsiArray.c, which can cause a Denial of Service (DoS).
Recommendations For version 3.5.0, consider disabling the jsi ArrayConcatCmd function as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-46488

Affected Products

Jsish