CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-19695
https://notcve.org/view.php?id=CVE-2020-19695
Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. • https://github.com/nginx/njs/issues/188 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43285
https://notcve.org/view.php?id=CVE-2022-43285
Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. ** DISPUTA ** Se descubrió que Nginx NJS v0.7.4 contenía una infracción de segmentación en njs_promise_reaction_job. NOTA: el proveedor cuestiona la importancia de este informe porque NJS no opera con información que no sea de confianza. • https://github.com/nginx/njs/issues/533 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-43284
https://notcve.org/view.php?id=CVE-2022-43284
Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. ** DISPUTA ** Se descubrió que Nginx NJS v0.7.2 a v0.7.4 contenía una infracción de segmentación a través de njs_scope_valid_value en njs_scope.h. NOTA: el proveedor cuestiona la importancia de este informe porque NJS no opera con información que no sea de confianza. • https://github.com/nginx/njs/issues/470 https://github.com/nginx/njs/issues/529 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34029
https://notcve.org/view.php?id=CVE-2022-34029
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Se ha detectado que Nginx NJS versión v0.7.4, contiene una lectura fuera de los límites por medio de la función njs_scope_value en el archivo njs_scope.h • https://github.com/nginx/njs/issues/506 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34027
https://notcve.org/view.php?id=CVE-2022-34027
Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c. Se ha detectado que Nginx NJS versión v0.7.4, contiene una violación de segmentación por medio de la función njs_value_property en el archivo njs_value.c • https://github.com/nginx/njs/issues/504 •