Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nginx njs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-19695
Buffer Overflow found in Nginx NJS allows a remote malicious user to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
Nginx Njs 2019-06-27
Nginx Njs
9.8
CVSSv3
CVE-2021-46461
njs up to and including 0.7.0, used in NGINX, exists to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
Nginx Njs
5.5
CVSSv3
CVE-2022-29779
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.
Nginx Njs 0.7.2
7.5
CVSSv3
CVE-2022-35173
An issue exists in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.
Nginx Njs 0.7.5
5.5
CVSSv3
CVE-2022-30503
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_set_number at src/njs_value.h.
Nginx Njs 0.7.2
5.5
CVSSv3
CVE-2022-29780
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c.
Nginx Njs 0.7.2
9.8
CVSSv3
CVE-2020-19692
Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote malicious user to execute arbitrary code via the njs_module_read in the njs_module.c file.
Nginx Njs 2019-06-27
1 Github repository
5.5
CVSSv3
CVE-2020-24349
njs up to and including 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
F5 Njs
7.8
CVSSv3
CVE-2020-24346
njs up to and including 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
F5 Njs
5.5
CVSSv3
CVE-2020-24347
njs up to and including 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
F5 Njs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »