Lucene search

FreeBSD0882F019-BD60-11EB-9BDD-8C164567CA3C

HistoryMay 25, 2021 - 12:00 a.m.

NGINX -- 1-byte memory overwrite in resolver

2021-05-2500:00:00

vuxml.freebsd.org

0.52 Medium

EPSS

Percentile

97.6%

JSON

NGINX team reports:

1-byte memory overwrite might occur during DNS server response
processing if the “resolver” directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server
to cause worker process crash or, potentially, arbitrary code
execution.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchnginx< 1.20.1,2UNKNOWN
FreeBSDanynoarchnginx-devel< 1.21.0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	nginx	< 1.20.1,2	UNKNOWN
FreeBSD	any	noarch	nginx-devel	< 1.21.0	UNKNOWN

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017

nessus

Photon OS 4.0: Nginx PHSA-2021-4.0-0032

2021-05-28 00:00:00

SUSE SLES15 Security Update : nginx (SUSE-SU-2021:1792-1)

2021-06-01 00:00:00

Debian DSA-4921-1 : nginx - security update

2021-06-01 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2021:1839-1)

2021-06-09 00:00:00

Mageia: Security Advisory (MGASA-2021-0301)

2022-01-28 00:00:00

Fedora: Security Advisory for nginx (FEDORA-2021-b37cffac0d)

2021-06-17 00:00:00

ibm

Security Bulletin: IBM Watson Machine Learning Accelerator is affected by a vulnerability in Nginx

2021-08-31 01:55:01

Security Bulletin: IBM API Connect V5 is impacted by a vulnerability in nginx. (CVE-2021-23017)

2021-08-25 13:37:28

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

2021-10-01 06:18:54

ubuntu

nginx vulnerability

2021-05-26 00:00:00

nginx vulnerability

2021-05-27 00:00:00

redhat

(RHSA-2021:2290) Important: nginx:1.16 security update

2021-06-08 09:47:28

(RHSA-2022:0323) Important: nginx:1.20 security update

2022-01-31 09:52:06

(RHSA-2021:2278) Important: rh-nginx116-nginx security update

2021-06-07 17:17:53

debiancve

CVE-2021-23017

2021-06-01 13:15:00

amazon

Important: nginx

2021-06-01 17:58:00

redos

ROS-2-600

2021-09-08 00:00:00

ROS-2-528

2021-09-08 00:00:00

ROS-2-711

2021-09-08 00:00:00

osv

nginx - security update

2021-05-28 00:00:00

BIT-nginx-2021-23017

2024-03-06 10:59:30

nginx - security update

2021-05-30 00:00:00

packetstorm

Nginx 1.20.0 Denial Of Service

2022-07-11 00:00:00

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

2021-05-26 00:00:00

zdt

Nginx 1.20.0 - Denial of Service Exploit

2022-07-11 00:00:00

nginx 1.20.0 DNS Resolver Off-By-One Heap Write Exploit

2021-05-27 00:00:00

rocky

nginx:1.18 security update

2021-06-07 10:02:53

nginx:1.20 security update

2022-01-31 09:52:06

nginx:1.16 security update

2021-06-08 09:47:28

gentoo

nginx: Remote code execution

2021-05-26 00:00:00

altlinux

Security fix for the ALT Linux 9 package nginx version 1.20.1-alt1

2021-06-23 00:00:00

fedora

[SECURITY] Fedora 34 Update: nginx-1.20.1-2.fc34

2021-06-11 01:15:42

[SECURITY] Fedora 33 Update: nginx-1.20.1-2.fc33

2021-06-11 01:19:56

cloudlinux

Fix of CVE: CVE-2021-23017

2021-09-21 22:02:21

Fix of CVE: CVE-2021-23017

2021-09-21 22:02:42

ubuntucve

CVE-2021-23017

2021-05-25 00:00:00

cvelist

CVE-2021-23017

2021-06-01 12:28:09

almalinux

Important: nginx:1.18 security update

2021-06-07 10:02:53

Important: nginx:1.20 security update

2022-01-31 09:52:06

Important: nginx:1.16 security update

2021-06-08 09:47:28

nginx

1-byte memory overwrite in resolver

2021-06-01 13:15:00

broadcom

CVE-2021-23017: NGINX Resolver Vulnerability

2022-11-08 00:00:00

CVE-2021-23017: NGINX Resolver Vulnerability

2022-11-08 00:00:00

githubexploit

Exploit for Off-by-one Error in F5 Nginx

2023-10-21 04:24:02

Exploit for Off-by-one Error in F5 Nginx

2023-07-20 05:39:01

Exploit for Off-by-one Error in F5 Nginx

2022-06-30 04:39:58

veracode

Remote Code Execution

2021-05-28 13:25:37

oraclelinux

nginx:1.16 security update

2021-06-10 00:00:00

nginx:1.20 security update

2022-02-01 00:00:00

nginx:1.18 security update

2021-06-08 00:00:00

K12331123 : NGINX Plus and Open Source vulnerability CVE-2021-23017

2021-05-25 00:00:00

K52559937 : Overview of NGINX vulnerabilities (May 2021)

2021-05-25 00:00:00

suse

Security update for nginx (important)

2021-07-11 00:00:00

Security update for nginx (important)

2021-06-04 00:00:00

hackerone

Internet Bug Bounty: 1-byte heap buffer overflow in DNS resolver

2021-05-27 10:32:41

cbl_mariner

CVE-2021-23017 affecting package nginx 1.16.1-4

2021-06-14 15:32:58

mageia

Updated nginx package fixes a security vulnerability

2021-06-29 20:31:40

redhatcve

CVE-2021-23017

2021-05-26 08:17:46

cve

CVE-2021-23017

2021-06-01 13:15:00

debian

[SECURITY] [DLA 2670-1] nginx security update

2021-05-30 12:57:15

[SECURITY] [DSA 4921-1] nginx security update

2021-05-28 12:05:07

prion

Memory corruption

2021-06-01 13:15:00

archlinux

[ASA-202106-48] nginx-mainline: arbitrary code execution

2021-06-22 00:00:00

[ASA-202106-36] nginx: arbitrary code execution

2021-06-15 00:00:00

alpinelinux

CVE-2021-23017

2021-06-01 13:15:00

exploitdb

Nginx 1.20.0 - Denial of Service (DOS)

2022-07-11 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0394

2021-05-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0394

2021-05-27 00:00:00

Important Photon OS Security Update - PHSA-2021-0032

2021-05-26 00:00:00

thn

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

2022-07-18 05:02:00

malwarebytes

Oracle releases massive Critical Patch Update containing 520 security patches

2022-04-20 14:53:54

oracle

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

0.52 Medium

EPSS

Percentile

97.6%

JSON

Related for 0882F019-BD60-11EB-9BDD-8C164567CA3C