Buffer Overflow Affecting nginx/njs package, versions [,0.7.3)
Snyk CVSS
Attack Complexity
Low
Threat Intelligence
EPSS
0.24% (62nd
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-UNMANAGED-NGINXNJS-2847909
- published 25 May 2022
- disclosed 25 May 2022
- credit salmonstriver (@salmonx)
How to fix?
Upgrade nginx/njs
to version 0.7.3 or higher.
Overview
Affected versions of this package are vulnerable to Buffer Overflow in the function njs_default_module_loader
at /src/njs/src/njs_module.c
.