CVE-2020-24347
- EPSS 0.42%
- Veröffentlicht 13.08.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:14:38
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
CVE-2020-24346
- EPSS 1.05%
- Veröffentlicht 13.08.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:14:38
njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
CVE-2019-13617
- EPSS 1.31%
- Veröffentlicht 16.07.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:25:22
njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_er...
CVE-2019-13067
- EPSS 1.6%
- Veröffentlicht 30.06.2019 00:15:11
- Zuletzt bearbeitet 21.11.2024 04:24:07
njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.
CVE-2019-12208
- EPSS 1.71%
- Veröffentlicht 20.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:22:25
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.
CVE-2019-12207
- EPSS 1.82%
- Veröffentlicht 20.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:22:25
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.
CVE-2019-12206
- EPSS 1.99%
- Veröffentlicht 20.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:22:25
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.
CVE-2019-11837
- EPSS 1.38%
- Veröffentlicht 09.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:51
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
CVE-2019-11839
- EPSS 1.64%
- Veröffentlicht 09.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:52
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
CVE-2019-11838
- EPSS 1.6%
- Veröffentlicht 09.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:52
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.