CVE-2011-4315
EPSS 2.8%
Description
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
How to fix CVE-2011-4315
To remediate CVE-2011-4315, upgrade the affected package to a fixed version below.
- Debian/nginx—upgrade to 1.1.8-1 or later
Is CVE-2011-4315 being exploited?
Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.1.8-1