Ret2Ddmeo

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.10 **Description** The issue is related to a segmentation violation via the function `njs function frame` at `src/njs function.h`. This can lead to a denial of service. The vulnerability is associated with a memory access issue, specifically reading beyond memory boundaries. **Recommendations** For Nginx NJS version 0.7.10, consider disabling the `njs function frame` function as a temporary workaround until a patch is available. Restrict access to the `njs function frame` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.10 **Description** The issue is related to a segmentation violation via the function `njs dump is recursive` at `src/njs vmcode.c`. This is caused by a memory boundary read issue in the `njs dump is recursive` function of the Nginx NJS interpreter. Exploitation of this issue may allow a remote attacker to cause a denial of service. **Recommendations** For Nginx NJS version 0.7.10, consider disabling the `njs dump is recursive` function as a temporary workaround until a patch is available. Restrict access to the `njs vmcode.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.10 **Description** The issue is related to an illegal memcpy via the function `njs vmcode return` at `src/njs vmcode.c` in the Nginx NJS interpreter. This can lead to a buffer overflow in memory. Exploitation of this issue may allow a remote attacker to cause a denial of service. **Recommendations** For Nginx NJS version 0.7.10, consider disabling the `njs vmcode return` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.10 **Description** The issue is related to a segmentation violation in the `njs lvlhsh find` function at `src/njs lvlhsh.c` and a memory reading issue in the `js vmcode return` function at `src/njs vmcode.c`. This could allow a remote attacker to cause a denial of service. **Recommendations** For Nginx NJS version 0.7.10, consider disabling the `njs lvlhsh find` and `js vmcode return` functions as a temporary workaround until a patch is available. Restrict access to the affected `njs lvlhsh.c` and `njs vmcode.c` files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Nginx NJS versão 0.7.7 **Descrição** Foi detectada uma violação de segmentação no Nginx NJS por meio da função `njs utf8 next` em `src/njs utf8.h`. **Recomendações** Para o Nginx NJS versão 0.7.7, no momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.