Lucene search
MitreCVE-2022-43285HistoryOct 28, 2022 - 9:15 p.m.
CVE-2022-43285
2022-10-2821:15:10
mitre
web.nvd.nist.gov
57
5
cve-2022-43285
nginx njs
segmentation violation
njs_promise_reaction_job
vendor dispute
untrusted input
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
31.4%
Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
Affected configurations
Node
f5njsMatch0.7.4
References
Social References
More
Related
prion
prion
Input validation
2022-10-28 21:15:00
cvelist
cvelist
CVE-2022-43285
2022-10-28 00:00:00
nvd
nvd
CVE-2022-43285
2022-10-28 21:15:10
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
31.4%
Related for CVE-2022-43285