Lucene search

K
cvelistF5CVELIST:CVE-2021-23017
HistoryJun 01, 2021 - 12:28 p.m.

CVE-2021-23017

2021-06-0112:28:09
CWE-193
f5
www.cve.org

7.9 High

AI Score

Confidence

High

0.52 Medium

EPSS

Percentile

97.6%

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CNA Affected

[
  {
    "product": "Nginx Web Server, Nginx Plus",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Nginx Web Server versions 0.6.18 thru 1.20.0 before 1.20.1, Nginx plus versions R13 thru R23 before R23 P1. Nginx plus version R24 before R24 P1"
      }
    ]
  }
]

References