njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
Max CVSS
7.8
EPSS Score
0.11%
Published
2020-08-13
Updated
2022-04-15
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
Max CVSS
5.5
EPSS Score
0.04%
Published
2020-08-13
Updated
2022-04-15
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
Max CVSS
5.5
EPSS Score
0.04%
Published
2020-08-13
Updated
2022-04-15
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
Max CVSS
5.5
EPSS Score
0.06%
Published
2020-08-13
Updated
2022-10-05
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!