Vulnerabilities > CVE-2022-28049 - NULL Pointer Dereference vulnerability in F5 NJS 0.7.2
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
NGINX NJS 0.7.2 was discovered to contain a NULL pointer dereference via the component njs_vmcode_array at /src/njs_vmcode.c.
Common Weakness Enumeration (CWE)
References
- https://github.com/nginx/njs/commit/f65981b0b8fcf02d69a40bc934803c25c9f607ab
- https://github.com/nginx/njs/commit/f65981b0b8fcf02d69a40bc934803c25c9f607ab
- https://github.com/nginx/njs/issues/473
- https://github.com/nginx/njs/issues/473
- https://security.netapp.com/advisory/ntap-20220519-0008/
- https://security.netapp.com/advisory/ntap-20220519-0008/