Lucene search
HistoryOct 28, 2022 - 9:15 p.m.
CVE-2022-43286
cve-2022-43286
nginx
njs
heap-use-after-free
bug
illegal memory copy
njs_json_parse_iterator_call
njs_json.c
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.2%
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
Affected configurations
Node
f5njsMatch0.7.2
References
Social References
More
Related
nvd
nvd
CVE-2022-43286
2022-10-28 21:15:10
osv
osv
CVE-2022-43286
2022-10-28 21:15:10
f5
f5
K80055530 : NGINX NJS vulnerability CVE-2022-43286
2022-11-07 00:00:00
prion
prion
Heap overflow
2022-10-28 21:15:00
cvelist
cvelist
CVE-2022-43286
2022-10-28 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.2%
Related for CVE-2022-43286