CVE-2022-35173

Published: Aug 18, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.

Affected (1)

Products: Nginx: Njs

Nginx

1 product

Njs

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nginx Njs	Version 0.7.5

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (6)

http://hg.nginx.org/njs/rev/b7c4e0f714a9

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/nginx/njs/issues/553

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

http://hg.nginx.org/njs/rev/b7c4e0f714a9

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/nginx/njs/issues/553

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.