CVE-2022-35173 - An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to

CVE-2022-35173

Summary

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.

References

http://hg.nginx.org/njs/rev/b7c4e0f714a9
https://github.com/nginx/njs/issues/553
https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e

Vulnerable Configurations

cpe:2.3:a:nginx:njs:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:nginx:njs:0.7.5:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-754

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

24-08-2022 - 16:02

Published

18-08-2022 - 06:15

Last modified

24-08-2022 - 16:02