CVE-2021-46461

CVE-2021-46461

EPSS 3.1%

njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/nginx/njs/commit/d457c9545e7e71ebb5c0479eb16b9d33175855e2 https://github.com/nginx/njs/issues/450 https://security.netapp.com/advisory/ntap-20220303-0007/