njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
Max CVSS
9.8
EPSS Score
0.28%
Published
2022-02-14
Updated
2022-05-11
Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
Max CVSS
9.8
EPSS Score
0.37%
Published
2023-04-04
Updated
2023-04-10
Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.
Max CVSS
9.8
EPSS Score
0.52%
Published
2023-04-04
Updated
2023-04-10
3 vulnerabilities found