本ページは f5 njs に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-8711 | NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and a location invoking the ngx.fetch() operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Spa | [email protected] | 9.2 | 0.89% | 2026-05-19 | 2026-06-17 |
| CVE-2023-27730 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c. | [email protected] | 7.5 | 0.74% | 2023-04-09 | 2026-06-17 |
| CVE-2023-27729 | Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c. | [email protected] | 7.5 | 0.66% | 2023-04-09 | 2026-06-17 |
| CVE-2023-27728 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c. | [email protected] | 7.5 | 0.74% | 2023-04-09 | 2026-06-17 |
| CVE-2023-27727 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h. | [email protected] | 7.5 | 0.73% | 2023-04-09 | 2026-06-17 |
| CVE-2020-19695 | Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. | [email protected] | 9.8 | 1.33% | 2023-04-04 | 2026-06-16 |
| CVE-2020-19692 | Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file. | [email protected] | 9.8 | 1.32% | 2023-04-04 | 2026-06-16 |
| CVE-2022-43286 | Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. | [email protected] | 9.8 | 0.90% | 2022-10-28 | 2026-06-17 |
| CVE-2022-43285 | Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. | [email protected] | 7.5 | 0.74% | 2022-10-28 | 2026-06-17 |
| CVE-2022-43284 | Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. | [email protected] | 7.5 | 0.80% | 2022-10-28 | 2026-06-17 |
| CVE-2022-38890 | Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h | [email protected] | 5.5 | 0.28% | 2022-09-15 | 2026-06-17 |
| CVE-2022-34032 | Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. | [email protected] | 7.5 | 0.77% | 2022-07-18 | 2026-06-17 |
| CVE-2022-34031 | Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h. | [email protected] | 7.5 | 0.77% | 2022-07-18 | 2026-06-17 |
| CVE-2022-34030 | Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c. | [email protected] | 7.5 | 0.77% | 2022-07-18 | 2026-06-17 |
| CVE-2022-34029 | Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. | [email protected] | 9.1 | 1.01% | 2022-07-18 | 2026-06-17 |
| CVE-2022-34028 | Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h. | [email protected] | 7.5 | 0.89% | 2022-07-18 | 2026-06-17 |
| CVE-2022-34027 | Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c. | [email protected] | 7.5 | 0.77% | 2022-07-18 | 2026-06-17 |
| CVE-2022-32414 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. | [email protected] | 5.5 | 0.56% | 2022-06-21 | 2026-06-17 |
| CVE-2022-31307 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | [email protected] | 5.5 | 0.56% | 2022-06-21 | 2026-06-17 |
| CVE-2022-31306 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | [email protected] | 5.5 | 0.56% | 2022-06-21 | 2026-06-17 |