18 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. • https://github.com/nginx/njs/issues/188 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. Se descubrió que Nginx NJS v0.7.2 contenía un error de heap-use-after-free causado por una copia de memoria ilegal en la función njs_json_parse_iterator_call en njs_json.c. • https://github.com/nginx/njs/commit/2ad0ea24a58d570634e09c2e58c3b314505eaa6a https://github.com/nginx/njs/issues/480 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. ** DISPUTA ** Se descubrió que Nginx NJS v0.7.4 contenía una infracción de segmentación en njs_promise_reaction_job. NOTA: el proveedor cuestiona la importancia de este informe porque NJS no opera con información que no sea de confianza. • https://github.com/nginx/njs/issues/533 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. ** DISPUTA ** Se descubrió que Nginx NJS v0.7.2 a v0.7.4 contenía una infracción de segmentación a través de njs_scope_valid_value en njs_scope.h. NOTA: el proveedor cuestiona la importancia de este informe porque NJS no opera con información que no sea de confianza. • https://github.com/nginx/njs/issues/470 https://github.com/nginx/njs/issues/529 •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Se ha detectado que Nginx NJS versión v0.7.4, contiene una lectura fuera de los límites por medio de la función njs_scope_value en el archivo njs_scope.h • https://github.com/nginx/njs/issues/506 • CWE-125: Out-of-bounds Read •