Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nginx njs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-13067
njs up to and including 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.
F5 Njs
7.5
CVSSv3
CVE-2022-43284
Nginx NJS v0.7.2 to v0.7.4 exists to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs
7.5
CVSSv3
CVE-2022-34027
Nginx NJS v0.7.4 exists to contain a segmentation violation via njs_value_property at njs_value.c.
F5 Njs 0.7.4
7.5
CVSSv3
CVE-2022-29369
Nginx NJS v0.7.2 exists to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c.
F5 Njs 0.7.2
7.5
CVSSv3
CVE-2022-34030
Nginx NJS v0.7.5 exists to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.
F5 Njs 0.7.5
7.5
CVSSv3
CVE-2022-34031
Nginx NJS v0.7.5 exists to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h.
F5 Njs 0.7.5
6.5
CVSSv3
CVE-2019-13617
njs up to and including 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call.
F5 Njs
5.5
CVSSv3
CVE-2022-38890
Nginx NJS v0.7.7 exists to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h
F5 Njs 0.7.7
7.5
CVSSv3
CVE-2022-34028
Nginx NJS v0.7.5 exists to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.
F5 Njs 0.7.5
9.1
CVSSv3
CVE-2022-34029
Nginx NJS v0.7.4 exists to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
F5 Njs 0.7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »