PT-2022-3849 · Nginx · Nginx Njs

Salmonxo · Published 2022-04-08 · Updated 2024-08-03 · CVE-2022-29379

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Nginx NJS version 0.7.3

Description

The issue is caused by a stack overflow in the njs_default_module_loader function at /src/njs/src/njs_module.c of the Nginx NJS interpreter. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. Note that multiple third parties dispute this report, stating that the behavior is found only in unreleased development code that is not part of the 0.7.2, 0.7.3, or 0.7.4 releases.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2022-04651
CVE-2022-29379

Affected Products

Nginx Njs