Vulnerabilities > CVE-2022-35173 - Improper Check for Unusual or Exceptional Conditions vulnerability in Nginx NJS 0.7.5

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

nginx

CWE-754

NVD

Published: 2022-08-18

Updated: 2022-08-24

Summary

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.

Vulnerable Configurations

Part	Description	Count
Application	Nginx Nginx NJS 0.7.5	1

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

http://hg.nginx.org/njs/rev/b7c4e0f714a9
https://github.com/nginx/njs/issues/553
https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e