Product:

Njs

(F5)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 37
Date Id Summary Products Score Patch Annotated
2019-05-09 CVE-2019-11838 njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling. Njs 9.8
2019-05-09 CVE-2019-11839 njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling. Njs 9.8
2019-05-20 CVE-2019-12206 njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c. Njs 9.8
2019-05-20 CVE-2019-12207 njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. Njs 9.8
2019-05-20 CVE-2019-12208 njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c. Njs 9.8
2019-06-30 CVE-2019-13067 njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place. Njs 9.8
2019-07-16 CVE-2019-13617 njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. Njs 6.5
2022-02-14 CVE-2021-46462 njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c. Njs 7.5
2022-02-14 CVE-2021-46463 njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then(). Njs 9.8
2022-02-14 CVE-2022-25139 njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. Njs 9.8