Vulnerabilities > F5 > NJS

DATE CVE VULNERABILITY TITLE RISK
2023-04-09 CVE-2023-27727 Out-of-bounds Read vulnerability in F5 NJS 0.7.10
Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.
network
low complexity
f5 CWE-125
7.5
7.5
2023-04-09 CVE-2023-27728 Out-of-bounds Read vulnerability in F5 NJS 0.7.10
Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.
network
low complexity
f5 CWE-125
7.5
7.5
2023-04-09 CVE-2023-27729 Unspecified vulnerability in F5 NJS 0.7.10
Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c.
network
low complexity
f5
7.5
7.5
2023-04-09 CVE-2023-27730 Out-of-bounds Read vulnerability in F5 NJS 0.7.10
Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c.
network
low complexity
f5 CWE-125
7.5
7.5
2022-10-28 CVE-2022-43284 Unspecified vulnerability in F5 NJS 0.7.2/0.7.3/0.7.4
Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h.
network
low complexity
f5
7.5
7.5
2022-10-28 CVE-2022-43285 Unspecified vulnerability in F5 NJS 0.7.4
Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job.
network
low complexity
f5
7.5
7.5
2022-10-28 CVE-2022-43286 Use After Free vulnerability in F5 NJS 0.7.2
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
network
low complexity
f5 CWE-416
critical
 9.8
9.8
2022-09-15 CVE-2022-38890 Out-of-bounds Read vulnerability in F5 NJS 0.7.7
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h
local
low complexity
f5 CWE-125
5.5
5.5
2022-07-18 CVE-2022-34027 Unspecified vulnerability in F5 NJS 0.7.4
Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c.
network
low complexity
f5
7.5
7.5
2022-06-21 CVE-2022-31306 Use After Free vulnerability in F5 NJS 0.7.2
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c.
network
f5 CWE-416
4.3
4.3