Upstream information

CVE-2019-12207 at MITRE

Description

njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having low severity.

SUSE Bugzilla entry: 1139863 [NEW]

No SUSE Security Announcements cross referenced.