VYPR

Njs

by Nginx

Source repositories

CVEs (45)

  • CVE-2022-27007CriApr 14, 2022
    risk 0.00cvss 9.8epss 0.02

    nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save().

  • CVE-2022-25139CriFeb 14, 2022
    risk 0.00cvss 9.8epss 0.02

    njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.

  • CVE-2021-46463CriFeb 14, 2022
    risk 0.00cvss 9.8epss 0.02

    njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().

  • CVE-2021-46462HigFeb 14, 2022
    risk 0.00cvss 7.5epss 0.02

    njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.

  • CVE-2021-46461CriFeb 14, 2022
    risk 0.00cvss 9.8epss 0.03

    njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.

Page 3 of 3