Kotori

**Name of the Vulnerable Software and Affected Versions** njs versions through 0.7.1 **Description** A control flow hijack was discovered in njs, caused by a Type Confusion vulnerability in the `njs promise perform then()` function. This issue affects njs used in NGINX. **Recommendations** For versions through 0.7.1, consider disabling the `njs promise perform then()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.