Product:

Njs

(F5)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 37
Date Id Summary Products Score Patch Annotated
2022-10-28 CVE-2022-43285 Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. Njs 7.5
2022-10-28 CVE-2022-43286 Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. Njs 9.8
2023-04-09 CVE-2023-27727 Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h. Njs 7.5
2023-04-09 CVE-2023-27729 Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c. Njs 7.5
2023-04-09 CVE-2023-27730 Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c. Njs 7.5
2023-04-09 CVE-2023-27728 Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c. Njs 7.5
2020-08-13 CVE-2020-24346 njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. Njs 7.8
2020-08-13 CVE-2020-24347 njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. Njs 5.5
2020-08-13 CVE-2020-24348 njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. Njs 5.5
2020-08-13 CVE-2020-24349 njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface. Njs 5.5