Lucene search

GoogleOSV:CVE-2021-46462

HistoryFeb 14, 2022 - 10:15 p.m.

CVE-2021-46462

2022-02-1422:15:07

Google

osv.dev

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.7%

JSON

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.

CPENameOperatorVersion
nginxeq1.20.1-r6
njseq0.1.14
nginxeq1.18.0-r10
nginxeq1.4.3-r0
njseq0.1.2
nginxeq1.8.1-r1
nginxeq1.20.1-r4
nginxeq1.12.2-r6
nginxeq0.8.54-r1
njseq0.3.1

Name	Operator	Version
nginx	eq	1.20.1-r6
njs	eq	0.1.14
nginx	eq	1.18.0-r10
nginx	eq	1.4.3-r0
njs	eq	0.1.2
nginx	eq	1.8.1-r1
nginx	eq	1.20.1-r4
nginx	eq	1.12.2-r6
nginx	eq	0.8.54-r1
njs	eq	0.3.1

Rows per page:

1-10 of 1851

References

github.com/nginx/njs/commit/39e8fa1b7db1680654527f8fa0e9ee93b334ecba

github.com/nginx/njs/issues/449

security.netapp.com/advisory/ntap-20220303-0007/