Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Njs
(F5)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-28 | CVE-2022-43285 | Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. | Njs | 7.5 | ||
| 2022-10-28 | CVE-2022-43286 | Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. | Njs | 9.8 | ||
| 2023-04-09 | CVE-2023-27727 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h. | Njs | 7.5 | ||
| 2023-04-09 | CVE-2023-27729 | Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c. | Njs | 7.5 | ||
| 2023-04-09 | CVE-2023-27730 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c. | Njs | 7.5 | ||
| 2023-04-09 | CVE-2023-27728 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c. | Njs | 7.5 | ||
| 2020-08-13 | CVE-2020-24346 | njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. | Njs | 7.8 |