Design/Logic Flaw

2019-06-3000:15:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.7%

JSON

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.

CPENameOperatorVersion
njsle0.3.3

CPE	Name	Operator	Version
	njs	le	0.3.3

References

github.com/nginx/njs/issues/183