5 matches found
CVE-2020-24347
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njslvlhshlevelfind in njslvlhsh.c...
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1. A patched version of the package is available...
AZL-35029 CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njslvlhshlevelfind in njslvlhsh.c...
CVE-2020-24347
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njslvlhshlevelfind in njslvlhsh.c...
CVE-2020-24347
The connected data confirms CVE-2020-24347 affects njs up to version 0.4.3 when used with NGINX, due to an out-of-bounds read in njs_lvlhsh_level_find (njs_lvlhsh.c). Affected component: njs (embedded JavaScript) used in NGINX; root cause is an out-of-bounds read in the hash-level lookup implemen...