CVE-2022-35173
- Source
- https://cve.org/CVERecord?id=CVE-2022-35173
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-35173.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-35173
- Published
- 2022-08-18T06:15:07.280Z
- Modified
- 2026-04-11T23:41:55.051577Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.
- References
Affected packages
Git / github.com/nginx/njs
Affected versions
0.*
0.1.0
0.1.1
0.1.10
0.1.11
0.1.12
0.1.13
0.1.14
0.1.15
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.1.9
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.2.8
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.3.7
0.3.8
0.3.9
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.5.0
0.5.1
0.5.2
0.5.3
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-35173.json"
vanir_signatures_modified
"2026-04-11T23:41:55Z"
vanir_signatures
[
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e",
"digest": {
"function_hash": "304029516047076007140133536908263875321",
"length": 1546.0
},
"id": "CVE-2022-35173-4378f8a0",
"deprecated": false,
"target": {
"file": "src/njs_generator.c",
"function": "njs_generate_try_end"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e",
"digest": {
"threshold": 0.9,
"line_hashes": [
"224699747579391325238831959343261633136",
"52056593301345868156133187946512523968",
"185166471147926133279267508134815891530",
"223962460441088112010421191931167778567",
"111285792979142093917006186897021375080",
"11419336829417016789537071884973585241",
"108587633537507210242609878158511307392",
"253754656440548818088749855167038233632",
"119396003708655793939043004706493753335",
"202894104238663237536306831230273595496",
"304285341048027117825203959884466812487",
"261703387443705524283148283861347027165",
"223962460441088112010421191931167778567",
"111285792979142093917006186897021375080",
"11419336829417016789537071884973585241",
"321650022450988414625152546050505572726"
]
},
"id": "CVE-2022-35173-489a113a",
"deprecated": false,
"target": {
"file": "src/njs_generator.c"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e",
"digest": {
"function_hash": "308183539393987763383279632380141094769",
"length": 1199.0
},
"id": "CVE-2022-35173-e548101c",
"deprecated": false,
"target": {
"file": "src/njs_generator.c",
"function": "njs_generate_try_catch"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/nginx/njs/commit/404553896792b8f5f429dc8852d15784a59d8d3e",
"digest": {
"threshold": 0.9,
"line_hashes": [
"68824721654271214470007509025733089349",
"119537499777861277673241192577645023772",
"46047927877222704196910641765542344296",
"215122680273465019952994184342902706408",
"236361956205353044532968203584505879341"
]
},
"id": "CVE-2022-35173-f5a9baa4",
"deprecated": false,
"target": {
"file": "src/test/njs_unit_test.c"
}
}
]