{"id":"CVE-2022-29379","details":"Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release","modified":"2026-04-11T23:14:51.720465Z","published":"2022-05-25T13:15:07.837Z","references":[{"type":"REPORT","url":"https://github.com/nginx/njs/issues/491"},{"type":"FIX","url":"https://github.com/nginx/njs/commit/ab1702c7af9959366a5ddc4a75b4357d4e9ebdc1"},{"type":"FIX","url":"https://github.com/nginx/njs/issues/493"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nginx/njs","events":[{"introduced":"0"},{"last_affected":"b29a97464a46644005aed24b803e70ecf8e3f8fe"},{"fixed":"ab1702c7af9959366a5ddc4a75b4357d4e9ebdc1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.7.3"}]}}],"versions":["0.1.0","0.1.1","0.1.10","0.1.11","0.1.12","0.1.13","0.1.14","0.1.15","0.1.2","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","0.2.7","0.2.8","0.3.0","0.3.1","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4.0","0.4.1","0.4.2","0.4.3","0.4.4","0.5.0","0.5.1","0.5.2","0.5.3","0.6.0","0.6.1","0.6.2","0.7.0","0.7.1","0.7.2","0.7.3"],"database_specific":{"vanir_signatures":[{"digest":{"function_hash":"248086882674698133665043392765408486192","length":1011},"signature_version":"v1","signature_type":"Function","deprecated":false,"source":"https://github.com/nginx/njs/commit/ab1702c7af9959366a5ddc4a75b4357d4e9ebdc1","target":{"function":"njs_module_path","file":"src/njs_module.c"},"id":"CVE-2022-29379-44270a4c"},{"digest":{"threshold":0.9,"line_hashes":["7482429832924647298072604975357235335","269769495447719256786790798903243586245","87101805687335253733718727200713835148","149793166008216924919036397748877764215"]},"signature_version":"v1","signature_type":"Line","deprecated":false,"source":"https://github.com/nginx/njs/commit/ab1702c7af9959366a5ddc4a75b4357d4e9ebdc1","target":{"file":"src/njs_module.c"},"id":"CVE-2022-29379-f4471404"}],"vanir_signatures_modified":"2026-04-11T23:14:51Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29379.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}