View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2021-33797 not yet assigned priority: Debian including 1 source packages (mujs), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.