Vulnerabilities > CVE-2020-24349 - Use After Free vulnerability in F5 NJS
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | F5
| 39 |