njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24348
Reference (s):
- https://security.netapp.com/advisory/ntap-20200918-0001/
- https://github.com/nginx/njs/issues/322