njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
References
Link | Resource |
---|---|
https://github.com/nginx/njs/issues/152 | Issue Tracking Exploit Third Party Advisory |
Configurations
Information
Published : 2019-05-09 07:29
Updated : 2022-03-24 07:23
NVD link : CVE-2019-11839
Mitre link : CVE-2019-11839
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
f5
- njs