CVE-2012-1180
EPSS 4.1%nginx - sensitive information leak
發布日:2012/4/17修改日:2026/4/28
也稱為:DEBIAN-CVE-2012-1180
描述
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
受影響套件(2)
- Debian/nginxfrom 0, < 1.1.17-1
- Debian/nginxfrom 0, < 0.7.67-3+squeeze2