{"vulnerability": "cve-2021-4168", "sightings": [{"uuid": "1446e619-cda9-4ae8-a746-2eae88f0b522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41682", "type": "seen", "source": "https://t.me/cibsecurity/44828", "content": "\u203c CVE-2021-41682 \u203c\n\nThere is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-20T18:26:32.000000Z"}, {"uuid": "5a80e8c2-a1d4-4e51-833b-30a719e3b0e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41683", "type": "seen", "source": "https://t.me/cibsecurity/44827", "content": "\u203c CVE-2021-41683 \u203c\n\nThere is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-20T18:26:31.000000Z"}, {"uuid": "35779e98-d456-48ac-8bc4-f9b38a2fbc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41687", "type": "seen", "source": "https://t.me/cibsecurity/45284", "content": "\u203c CVE-2021-41687 \u203c\n\nDCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T16:35:58.000000Z"}, {"uuid": "580b8248-5617-4bab-8767-9cb71610c9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41688", "type": "seen", "source": "https://t.me/cibsecurity/45282", "content": "\u203c CVE-2021-41688 \u203c\n\nDCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T16:35:56.000000Z"}, {"uuid": "701c0997-e6f1-4620-83b2-c9c1822a8c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41689", "type": "seen", "source": "https://t.me/cibsecurity/45292", "content": "\u203c CVE-2021-41689 \u203c\n\nDCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T16:36:11.000000Z"}]}