Lucene search
K

5 matches found

CVE
CVE
added 2022/02/14 9:47 p.m.158 views

CVE-2021-46461

CVE-2021-46461 involves njs (as used in NGINX) with an out-of-bounds array access in njs_vmcode.c . The vulnerability affects njs up to version 0.7.0 and can lead to an information disclosure through a read fault in the VM code typing path. Connected sources confirm the issue exists in the njs pa...

9.8CVSS9.5AI score0.03121EPSS
CVE
CVE
added 2022/05/27 1:13 p.m.79 views

CVE-2022-30503

CVE-2022-30503 concerns Nginx NJS v0.7.2, where a segmentation fault is reported in the function njs_set_number (src/njs_value.h). The issue is described across multiple connected sources as a denial-of-service-risk stemming from the segmentation error. Concrete technical details include the affe...

5.5CVSS5.4AI score0.0028EPSS
CVE
CVE
added 2022/05/27 1:13 p.m.73 views

CVE-2022-29780

CVE-2022-29780 affects Nginx NJS v0.7.2. The issue is a segmentation fault in the function njs_array_prototype_sort (src/njs_array.c), leading to a denial of service. Reported in multiple sources, the vulnerability context confirms a DoS vector rather than remote code execution; exploitation stat...

5.5CVSS5.4AI score0.00384EPSS
CVE
CVE
added 2022/05/27 1:13 p.m.72 views

CVE-2022-29779

CVE-2022-29779 affects Nginx NJS v0.7.2. The issue is a segmentation violation in the function njs_value_own_enumerate located in src/njs_value.c . This vulnerability can cause a denial of service. No exploitation details or fixes are provided in the available documents; remediation/fix status is...

5.5CVSS5.4AI score0.00384EPSS
CVE
CVE
added 2022/08/18 5:8 a.m.69 views

CVE-2022-35173

Affected software: Nginx NJS v0.7.5. Issue: the JUMP offset for a break instruction was not set to the correct offset during code generation, leading to a segmentation fault. Impact: described as a segmentation violation with CVSS v3.1 base score 7.5 ( HIGH ). Exploit details are not provided in ...

7.5CVSS7.5AI score0.0108EPSS