There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.
You can find information about how to handle this issue in the security team's documentation.
1 issue that should be fixed with the next stable update:
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.