5 matches found
CVE-2021-46461
CVE-2021-46461 involves njs (as used in NGINX) with an out-of-bounds array access in njs_vmcode.c . The vulnerability affects njs up to version 0.7.0 and can lead to an information disclosure through a read fault in the VM code typing path. Connected sources confirm the issue exists in the njs pa...
CVE-2022-30503
CVE-2022-30503 concerns Nginx NJS v0.7.2, where a segmentation fault is reported in the function njs_set_number (src/njs_value.h). The issue is described across multiple connected sources as a denial-of-service-risk stemming from the segmentation error. Concrete technical details include the affe...
CVE-2022-29780
CVE-2022-29780 affects Nginx NJS v0.7.2. The issue is a segmentation fault in the function njs_array_prototype_sort (src/njs_array.c), leading to a denial of service. Reported in multiple sources, the vulnerability context confirms a DoS vector rather than remote code execution; exploitation stat...
CVE-2022-29779
CVE-2022-29779 affects Nginx NJS v0.7.2. The issue is a segmentation violation in the function njs_value_own_enumerate located in src/njs_value.c . This vulnerability can cause a denial of service. No exploitation details or fixes are provided in the available documents; remediation/fix status is...
CVE-2022-35173
Affected software: Nginx NJS v0.7.5. Issue: the JUMP offset for a break instruction was not set to the correct offset during code generation, leading to a segmentation fault. Impact: described as a segmentation violation with CVSS v3.1 base score 7.5 ( HIGH ). Exploit details are not provided in ...