0.7.4

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2022-10-28

Updated: 2024-08-03

Summary

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 NJS 0.7.2 F5 NJS 0.7.3 F5 NJS 0.7.4	3

References

https://github.com/nginx/njs/issues/470
https://github.com/nginx/njs/issues/529