CVE-2022-34030

The CVE-2022-34030 entry concerns Nginx NJS 0.7.5, with a segmentation fault in the njs_djb_hash function (src/njs_djb_hash.c). The vulnerability is described as a segmentation violation, indicating a crash or denial of service condition. The available connected documents confirm the affected com...

CVE-2022-34028

CVE-2022-34028 affects Nginx NJS 0.7.5. The vulnerability is a segmentation fault triggered by njs_utf8_next in src/njs_utf8.h, as described in connected records. The NVD entry links a CVSS v3.1 base score of 7.5 (HIGH) with network attack vector, no privileges, no user interaction, and availabil...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.5, which stems from a segmentation violation in...

Fedora: Security Advisory for golang-gopkg-src-d-git-4 (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-gopkg-src-d-git-4-4.13.1-8.fc35

A highly extensible git implementation in pure go...

roaring-landmask (=0.4.0) potentially affected by CVE-2022-2097 via openssl-src (=300.0.0+3.0.0)

openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2022-2097 Source advisory: OSV:GHSA-3WX7-46CH-7RQ2...

openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2022-2097 via openssl-src (=110.0.7+1.1.0i)

openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2022-2097 Source advisory: OSV:GHSA-3WX7-46CH-7RQ2...

Fedora: Security Advisory for golang-gopkg-src-d-git-4 (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2022-2097 via openssl-src (=110.0.7+1.1.0i)

openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2022-2097 Source advisory: OSV:RUSTSEC-2022-0032...

[SECURITY] Fedora 36 Update: golang-gopkg-src-d-git-4-4.13.1-8.fc36

A highly extensible git implementation in pure go...

Deserialization of untrusted data

ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

CVE-2021-40944

In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gffilterpidgetpacket function in src/filtercore/filterpid.c:5394, as demonstrated by GPAC. This can cause a denial of service DOS...

CVE-2021-40944

In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gffilterpidgetpacket function in src/filtercore/filterpid.c:5394, as demonstrated by GPAC. This can cause a denial of service DOS...

CVE-2022-31306

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...

Code injection

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...

Design/Logic Flaw

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...

CVE-2022-31307

The provided connected records confirm a concrete vulnerability: Nginx NJS version 0.7.2 contains a segmentation violation in the function njs_string_offset (src/njs_string.c). This is the root cause described consistently across CVE-2022-31307 entries (NVD, Red Hat, OSV, CVE lists). The impact i...

CVE-2022-31307

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...

CVE-2022-31306

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...

MAL-2022-3231 Malicious code in frontend-src (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f82e9d69203fc3786cb5e2c10c0de2d32487d039a88f4c90fce6cec3c70e92b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...