Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
njs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-19695
Buffer Overflow found in Nginx NJS allows a remote malicious user to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
Nginx Njs 2019-06-27
Nginx Njs
9.8
CVSSv3
CVE-2019-11839
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
F5 Njs
6.5
CVSSv3
CVE-2019-13617
njs up to and including 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call.
F5 Njs
7.8
CVSSv3
CVE-2020-24346
njs up to and including 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
F5 Njs
5.5
CVSSv3
CVE-2020-24348
njs up to and including 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
F5 Njs
9.8
CVSSv3
CVE-2019-12206
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.
F5 Njs
9.8
CVSSv3
CVE-2019-12207
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.
F5 Njs
9.8
CVSSv3
CVE-2019-12208
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.
F5 Njs
9.8
CVSSv3
CVE-2021-46461
njs up to and including 0.7.0, used in NGINX, exists to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
Nginx Njs
7.5
CVSSv3
CVE-2021-46462
njs up to and including 0.7.1, used in NGINX, exists to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.
F5 Njs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »