Nginx Integer Overflow

Impact: High

Description

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

Recommendation

Upgrade nginx to the latest stable version.

References

Nginx
CVE-2017-7529
CWE-190
OWASP 2017-A9
OWASP 2021-A6
CWE-200
OWASP 2007-A6
OWASP 2021-A1

👉 You might also like:

The Heartbleed Bug - CVE-2014-0160

Web Server Path Traversal - CVE-2017-14849

Nginx Version Disclosure - Vulnerability

Complete guide to HTTP Headers for securing websites (Cheat Sheet)

Last updated on February 07, 2022

Nginx Integer Overflow

Description

Recommendation

References

This issue is available in SmartScanner Professional