Lucene search

[email protected]NVD:CVE-2023-27727

HistoryApr 09, 2023 - 8:15 p.m.

CVE-2023-27727

2023-04-0920:15:56

CWE-125

[email protected]

web.nvd.nist.gov

nginx

njs

segmentation violation

function frame

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

26.8%

JSON

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.

Affected configurations

Nvd

Node

f5njsMatch0.7.10

VendorProductVersionCPE
f5njs0.7.10cpe:2.3:a:f5:njs:0.7.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	njs	0.7.10	cpe:2.3:a:f5:njs:0.7.10:::::::*

References

github.com/nginx/njs/issues/617

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

26.8%

JSON

Related for NVD:CVE-2023-27727

prion1 cve1 cvelist1 osv1