CVE-2013-4547

EPSS 90.9%

nginx - restriction bypass

Published: 11/23/2013Modified: 4/28/2026

Description

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

Affected packages (2)

Debian/nginxfrom 0, < 1.4.4-1
Debian/nginxfrom 0, < 1.2.1-2.2+wheezy2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4547