Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-13617

njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
Products affected by CVE-2019-13617
  • F5 » Njs » Version: 0.1.0
    cpe:2.3:a:f5:njs:0.1.0
  • F5 » Njs » Version: 0.1.1
    cpe:2.3:a:f5:njs:0.1.1
  • F5 » Njs » Version: 0.1.10
    cpe:2.3:a:f5:njs:0.1.10
  • F5 » Njs » Version: 0.1.11
    cpe:2.3:a:f5:njs:0.1.11
  • F5 » Njs » Version: 0.1.12
    cpe:2.3:a:f5:njs:0.1.12
  • F5 » Njs » Version: 0.1.13
    cpe:2.3:a:f5:njs:0.1.13
  • F5 » Njs » Version: 0.1.14
    cpe:2.3:a:f5:njs:0.1.14
  • F5 » Njs » Version: 0.1.15
    cpe:2.3:a:f5:njs:0.1.15
  • F5 » Njs » Version: 0.1.2
    cpe:2.3:a:f5:njs:0.1.2
  • F5 » Njs » Version: 0.1.3
    cpe:2.3:a:f5:njs:0.1.3
  • F5 » Njs » Version: 0.1.4
    cpe:2.3:a:f5:njs:0.1.4
  • F5 » Njs » Version: 0.1.5
    cpe:2.3:a:f5:njs:0.1.5
  • F5 » Njs » Version: 0.1.6
    cpe:2.3:a:f5:njs:0.1.6
  • F5 » Njs » Version: 0.1.7
    cpe:2.3:a:f5:njs:0.1.7
  • F5 » Njs » Version: 0.1.8
    cpe:2.3:a:f5:njs:0.1.8
  • F5 » Njs » Version: 0.1.9
    cpe:2.3:a:f5:njs:0.1.9
  • F5 » Njs » Version: 0.2.0
    cpe:2.3:a:f5:njs:0.2.0
  • F5 » Njs » Version: 0.2.1
    cpe:2.3:a:f5:njs:0.2.1
  • F5 » Njs » Version: 0.2.2
    cpe:2.3:a:f5:njs:0.2.2
  • F5 » Njs » Version: 0.2.3
    cpe:2.3:a:f5:njs:0.2.3
  • F5 » Njs » Version: 0.2.4
    cpe:2.3:a:f5:njs:0.2.4
  • F5 » Njs » Version: 0.2.5
    cpe:2.3:a:f5:njs:0.2.5
  • F5 » Njs » Version: 0.2.6
    cpe:2.3:a:f5:njs:0.2.6
  • F5 » Njs » Version: 0.2.7
    cpe:2.3:a:f5:njs:0.2.7
  • F5 » Njs » Version: 0.2.8
    cpe:2.3:a:f5:njs:0.2.8
  • F5 » Njs » Version: 0.3.0
    cpe:2.3:a:f5:njs:0.3.0
  • F5 » Njs » Version: 0.3.1
    cpe:2.3:a:f5:njs:0.3.1
  • F5 » Njs » Version: 0.3.2
    cpe:2.3:a:f5:njs:0.3.2
  • F5 » Njs » Version: 0.3.3
    cpe:2.3:a:f5:njs:0.3.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved