exploitDog

GHSA-7q32-cwfh-9pj6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.

Ссылки

EPSS

Процентиль: 58%

0.00367

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-125

Связанные уязвимости

CVE-2019-13067

CVSS3: 9.8

nvd

больше 6 лет назад

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.

EPSS

Процентиль: 58%

0.00367

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-125