njs up to and including 0.7.1, used in NGINX, exists to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().
f5 njs