Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
njs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-19695
Buffer Overflow found in Nginx NJS allows a remote malicious user to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
Nginx Njs 2019-06-27
Nginx Njs
7.5
CVSSv3
CVE-2022-43284
Nginx NJS v0.7.2 to v0.7.4 exists to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs
9.8
CVSSv3
CVE-2022-25139
njs up to and including 0.7.0, used in NGINX, exists to contain a heap use-after-free in njs_await_fulfilled.
F5 Njs
9.8
CVSSv3
CVE-2021-46461
njs up to and including 0.7.0, used in NGINX, exists to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
Nginx Njs
7.5
CVSSv3
CVE-2021-46462
njs up to and including 0.7.1, used in NGINX, exists to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.
F5 Njs
9.8
CVSSv3
CVE-2019-11838
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.
F5 Njs
9.8
CVSSv3
CVE-2019-13067
njs up to and including 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.
F5 Njs
7.5
CVSSv3
CVE-2019-11837
njs up to and including 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
F5 Njs
9.8
CVSSv3
CVE-2019-11839
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
F5 Njs
9.8
CVSSv3
CVE-2019-12206
njs up to and including 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.
F5 Njs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »