{"id":"CVE-2022-25139","details":"njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.","modified":"2026-04-12T04:41:54.006661Z","published":"2022-02-14T22:15:08.317Z","references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220303-0007/"},{"type":"FIX","url":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6"},{"type":"FIX","url":"https://github.com/nginx/njs/issues/451"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nginx/njs","events":[{"introduced":"0"},{"fixed":"50bb20a814c3c82b662c999630ce91ff068e3e48"},{"fixed":"6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6"}],"database_specific":{"source":["CPE_FIELD","REFERENCES"],"extracted_events":[{"introduced":"0"},{"fixed":"0.7.2"}],"cpe":"cpe:2.3:a:f5:njs:*:*:*:*:*:*:*:*"}}],"versions":["0.1.0","0.1.1","0.1.10","0.1.11","0.1.12","0.1.13","0.1.14","0.1.15","0.1.2","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","0.2.7","0.2.8","0.3.0","0.3.1","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4.0","0.4.1","0.4.2","0.4.3","0.4.4","0.5.0","0.5.1","0.5.2","0.5.3","0.6.0","0.6.1","0.6.2","0.7.0","0.7.1"],"database_specific":{"vanir_signatures_modified":"2026-04-12T04:41:54Z","vanir_signatures":[{"deprecated":false,"target":{"file":"src/njs_vm.c","function":"njs_vm_start"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":221,"function_hash":"159869202928461279120140217026715637814"},"id":"CVE-2022-25139-022f1c90"},{"deprecated":false,"target":{"file":"src/njs_async.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["299501325127647677370397351412489998191","165514229451339348005598600007258459700","315271151246530528523987527625917578653","26372586750537534992858291290292970354","289186967938235302177701185187394367550","70036568884174756364177677548049568654","182114208819750783380503892358594349050","238360324640715754918731923250613095517","147842365042288402022259976414854042876","113596502706607859057409682514625772781","188749800840665982467759634070757514710","183543176610710569419557455077999791927","54233347467525985390444263905843502198","93399687441230418412941651091439254551","198882619039239729643104305958744219884","209898153080857952771127505170822869731","313568867627547768393739973256313047265","164477788747837223955237980707376363748","60083825972453544444185824248377354346","320443958975015695505288044439050677489","121344166693358098388110502108701050901"],"threshold":0.9},"id":"CVE-2022-25139-0362e523"},{"deprecated":false,"target":{"file":"src/njs_function.h"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["60493263708633285423939095647287137378","187577365841367888194011412355148044670","100725054713103056967075504758654143578","115135441268961150887630232350143245407"],"threshold":0.9},"id":"CVE-2022-25139-03a94835"},{"deprecated":false,"target":{"file":"src/njs_vmcode.c","function":"njs_vmcode_await"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":1926,"function_hash":"156387168476962798655544808876239460793"},"id":"CVE-2022-25139-5ce857f8"},{"deprecated":false,"target":{"file":"src/njs_vm.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["203223909965209774891540867988539767974","210806772516032365851931825680885932501","33128064854838801345851916451234822385","87063537471886354151303968093042644683"],"threshold":0.9},"id":"CVE-2022-25139-64dabd0b"},{"deprecated":false,"target":{"file":"src/njs_function.c","function":"njs_function_frame_invoke"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":321,"function_hash":"286556312603372895041079393544154900216"},"id":"CVE-2022-25139-81a65733"},{"deprecated":false,"target":{"file":"src/njs_vmcode.h"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["255634136792296978879749392817874698513","317305752474855021305036030013621744388","25057627101493731468708682156734333388"],"threshold":0.9},"id":"CVE-2022-25139-8e763bf6"},{"deprecated":false,"target":{"file":"src/njs_function.c","function":"njs_function_lambda_call"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":1797,"function_hash":"296420581474941866251902029822359922400"},"id":"CVE-2022-25139-bc0203e8"},{"deprecated":false,"target":{"file":"src/njs_vmcode.c","function":"njs_vmcode_interpreter"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":15822,"function_hash":"330196663835652526930299546073955273481"},"id":"CVE-2022-25139-bdd892ba"},{"deprecated":false,"target":{"file":"src/njs_value.h"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["226326405789590664553470747065684252073","43484670794839384869149047182293861953","116484298224502831392726890369144355732","6188228936750796413849694797461891413"],"threshold":0.9},"id":"CVE-2022-25139-d1e19679"},{"deprecated":false,"target":{"file":"src/njs_async.c","function":"njs_await_fulfilled"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":1891,"function_hash":"82746156843552190940183103694155867518"},"id":"CVE-2022-25139-e6380b49"},{"deprecated":false,"target":{"file":"src/njs_vmcode.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["62349804092457175723958018373569036548","264535644452027911575988654885850241502","143450769423383014016403702202412691806","214938181743768456104412860347786353155","196964399592485101893600198745299637304","267114047914211162218182584140063524340","181898035442763210757707949604933159549","44491677355270933136348813404798874560","113425950137949738595805913441686307202","195680507645829781372302033731745462695","155677063030564506909841225746017749607","231769961580032274589846702269151403040","252014861502217676730143104211089697666","95421220701838418272637752360780543205","326876272809301854420984816420772938626","269195357598903834283238584753506273479","26173375880359022223827985707988984103","119566585046867731948706792487868526480","61772706844235251202548453993401974105","94734422408954366501069308872501773707","292773008481986032740394253150278762894","305780804561936038467250509816878122111","230418406867842309235114997638383759839","129092755891090820281841064098480610866","217380746074715480622217381954006807869","186067226494086561770912981984136437080","332242554823133288223436761436843255306","78724159557830708470992495396337178231","88848649481906248345317115419869659440"],"threshold":0.9},"id":"CVE-2022-25139-e976cdc7"},{"deprecated":false,"target":{"file":"src/njs_async.c","function":"njs_async_function_frame_invoke"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"length":830,"function_hash":"256290706419825150853400441771456092646"},"id":"CVE-2022-25139-eb4cbf4f"},{"deprecated":false,"target":{"file":"src/njs_function.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/nginx/njs/commit/6a07c2156a07ef307b6dcf3c2ca8571a5f1af7a6","digest":{"line_hashes":["108588471245068106143487685625958092341","189987310702655560341461897250170816457","324388347336711094878136747180786761225","90215833178858118201383198611144508055","22812341031345842045101356886420554530","130515276505821510577031053658551735679","99130168749193207579828608613801425229","113908073119683097396728169138488747672","28444829176919604075022835647438353094","74463152532109547018649875081059306309","301410828234089865278462515532396014713","41718945131898961117577097242186310288","155506929659090002377726966013633618570","208434985264666528176303940411022688173","104136770520914773060886605922333771447"],"threshold":0.9},"id":"CVE-2022-25139-f9b9274a"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25139.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}