Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 nginx vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-31307
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_string_offset at src/njs_string.c.
F5 Njs 0.7.2
NA
CVE-2023-27728
Nginx NJS v0.7.10 exists to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.
F5 Njs 0.7.10
NA
CVE-2023-27729
Nginx NJS v0.7.10 exists to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c.
F5 Njs 0.7.10
4.3
CVSSv2
CVE-2022-28049
NGINX NJS 0.7.2 exists to contain a NULL pointer dereference via the component njs_vmcode_array at /src/njs_vmcode.c.
F5 Njs 0.7.2
NA
CVE-2022-43284
Nginx NJS v0.7.2 to v0.7.4 exists to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs
5
CVSSv2
CVE-2022-27008
nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array.
F5 Njs 0.7.2
4.3
CVSSv2
CVE-2019-13617
njs up to and including 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call.
F5 Njs
7.5
CVSSv2
CVE-2022-27007
nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save().
F5 Njs 0.7.2
NA
CVE-2022-43286
Nginx NJS v0.7.2 exists to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
F5 Njs 0.7.2
NA
CVE-2022-43285
Nginx NJS v0.7.4 exists to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs 0.7.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »