CVE-2020-24349

Published
View on NVD ↗
CVSS v3
5.5
MEDIUM
CVSS v2
2.1
LOW
Affected
1
PROJECT

Description

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.

nginx/njs
nginx/njs
A subset of JavaScript language to use in nginx
GitHubGitHub
1.57K