CVE-2023-27729

Name of the Vulnerable Software and Affected Versions Nginx NJS version 0.7.10

Description The issue is related to an illegal memcpy via the function njs vmcode return at src/njs vmcode.c in the Nginx NJS interpreter. This can lead to a buffer overflow in memory. Exploitation of this issue may allow a remote attacker to cause a denial of service.

Recommendations For Nginx NJS version 0.7.10, consider disabling the njs vmcode return function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.