{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T18:28:08.417","vulnerabilities":[{"cve":{"id":"CVE-2018-1000668","sourceIdentifier":"cve@mitre.org","published":"2018-09-06T17:29:01.970","lastModified":"2024-11-21T03:40:22.090","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71."},{"lang":"es","value":"jsish 2.4.70 2.047 contiene una vulnerabilidad de lectura fuera de límites (CWE-125) en la función jsi_ObjArrayLookup (jsiObj.c:274) que puede resultar en un cierre inesperado debido a un fallo de segmentación. El ataque parece ser explotable si una víctima ejecuta código JavaScript manipulado. La vulnerabilidad parece haber sido solucionada en la versión 2.4.71."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jsish:jsish:2.4.70_2.047:*:*:*:*:*:*:*","matchCriteriaId":"44F3241A-C5E3-41D3-899D-C48EE0320174"}]}]}],"references":[{"url":"https://jsish.org/fossil/jsi/tktview?name=9602dbd997","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://jsish.org/fossil/jsi/tktview?name=9602dbd997","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}