Vulnerability Details : CVE-2019-11839
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
Vulnerability category: OverflowMemory Corruption
Exploit prediction scoring system (EPSS) score for CVE-2019-11839
0.39%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 70 %
Percentile, the proportion of vulnerabilities that are scored at or less