Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 njs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-25139
njs up to and including 0.7.0, used in NGINX, exists to contain a heap use-after-free in njs_await_fulfilled.
F5 Njs
7.5
CVSSv2
CVE-2019-13067
njs up to and including 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.
F5 Njs
7.5
CVSSv2
CVE-2019-12206
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.
F5 Njs
7.5
CVSSv2
CVE-2019-12207
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.
F5 Njs
7.5
CVSSv2
CVE-2019-12208
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.
F5 Njs
NA
CVE-2022-43284
Nginx NJS v0.7.2 to v0.7.4 exists to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs
5
CVSSv2
CVE-2021-46462
njs up to and including 0.7.1, used in NGINX, exists to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.
F5 Njs
2.1
CVSSv2
CVE-2020-24348
njs up to and including 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
F5 Njs
7.5
CVSSv2
CVE-2021-46463
njs up to and including 0.7.1, used in NGINX, exists to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().
F5 Njs
7.5
CVSSv2
CVE-2019-11839
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
F5 Njs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »