Описание
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.3.1 (включая)
cpe:2.3:a:f5:njs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00283
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-189
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
EPSS
Процентиль: 51%
0.00283
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-189