CVE-2022-43284
First published: Fri Oct 28 2022(Updated: )
** DISPUTED ** Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Njs | >=0.7.2<=0.7.4 | |
| >=0.7.2<=0.7.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-43284.
What is the severity level of CVE-2022-43284?
The severity level of CVE-2022-43284 is high (7.5).
What software versions are affected by CVE-2022-43284?
Nginx NJS versions 0.7.2 to 0.7.4 are affected by CVE-2022-43284.
What is the nature of the vulnerability in CVE-2022-43284?
CVE-2022-43284 is a segmentation violation vulnerability in Nginx NJS.
Is there any dispute regarding the significance of CVE-2022-43284?
Yes, the vendor disputes the significance of this report.
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/severity
- agent/author
- agent/softwarecombine
- agent/status
- agent/description
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- status/disputed
- vendor/f5
- canonical/f5 njs
- version/f5 njs/0.7.2
- version/f5 njs/0.7.4