Nginx NJS 0.7.5 src/njs_djb_hash.c njs_djb_hash memory corruption

A vulnerability, which was classified as critical, has been found in Nginx NJS 0.7.5 (Web Server). This issue affects the function njs_djb_hash of the file src/njs_djb_hash.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field07/19/2022 09:59 AM08/06/2022 10:53 AM
vendorNginxNginx
nameNJSNJS
version0.7.50.7.5
filesrc/njs_djb_hash.csrc/njs_djb_hash.c
functionnjs_djb_hashnjs_djb_hash
cwe119 (memory corruption)119 (memory corruption)
risk22
cvss3_vuldb_acLL
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rcCC
identifier540540
urlhttps://github.com/nginx/njs/issues/540https://github.com/nginx/njs/issues/540
cveCVE-2022-34030CVE-2022-34030
cve_assigned1655676000 (06/20/2022)1655676000 (06/20/2022)
cve_nvd_summaryNginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.
date1658181600 (07/19/2022)1658181600 (07/19/2022)
typeWeb ServerWeb Server
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_avAA
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss3_vuldb_avAA
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss2_vuldb_basescore5.25.2
cvss2_vuldb_tempscore5.25.2
cvss3_vuldb_basescore5.55.5
cvss3_vuldb_tempscore5.55.5
cvss3_meta_basescore5.56.5
cvss3_meta_tempscore5.56.5
price_0day$0-$5k$0-$5k
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss3_nvd_basescore7.5

Do you need the next level of professionalism?

Upgrade your account now!