4 matches found
CVE-2019-11838
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njsarrayprototypesplice in njs/njsarray.c, because of njsarrayexpand size mishandling...
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-11838)
A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
CVE-2019-11838
CVE-2019-11838 concerns njs (used in NGINX) up to version 0.3.1, with a heap-based buffer overflow in Array.prototype.splice after a resize. The root cause is reported as mishandling the size in njs_array_expand, affecting njs_array_prototype_splice in njs/njs_array.c. Documents consistently desc...
CVE-2019-11838
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njsarrayprototypesplice in njs/njsarray.c, because of njsarrayexpand size mishandling...