CVE-2017-7529
HIGH7.5EPSS 92.0%nginx - security update
發布日:2017/7/13修改日:2026/4/28
描述
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
受影響套件(4)
- Alpine/nginxfrom 0, < 1.12.1-r0
- Debian/nginxfrom 0, < 1.13.3-1
- Debian/nginxfrom 0, < 1.2.1-2.2+wheezy4+deb7u1
- Debian/nginxfrom 0, < 1.6.2-5+deb8u5
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |