Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

NginxNGINX:CVE-2021-23017

HistoryJun 01, 2021 - 1:15 p.m.

1-byte memory overwrite in resolver

2021-06-0113:15:00

mailman.nginx.org

1248

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.582 Medium

EPSS

Percentile

97.7%

JSON

1-byte memory overwrite in resolver
Severity: medium
CVE-2021-23017
Not vulnerable: 1.21.0+, 1.20.1+
Vulnerable: 0.6.18-1.20.0

CPENameOperatorVersion
nginxle1.20.0

CPE	Name	Operator	Version
	nginx	le	1.20.0

References

mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

ibm 7

nessus 40

osv 12

packetstorm 2

altlinux 1

ubuntucve 1

fedora 2

openvas 18

gentoo 1

cloudlinux 2

zdt 2

rocky 3

redos 14

redhat 10

debiancve 1

ubuntu 2

amazon 1

veracode 1

broadcom 2

githubexploit 3

almalinux 3

oraclelinux 3

suse 2

f5 2

prion 1

hackerone 1

debian 2

cbl_mariner 1

freebsd 1

mageia 1

cve 1

redhatcve 1

alpinelinux 1

archlinux 2

exploitdb 1

photon 8

thn 1

malwarebytes 1

oracle 4

ibm

Security Bulletin: IBM API Connect V5 is impacted by a vulnerability in nginx. (CVE-2021-23017)

2021-08-25 13:37:28

Security Bulletin: IBM Watson Machine Learning Accelerator is affected by a vulnerability in Nginx

2021-08-31 01:55:01

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

2021-10-01 06:18:54

nessus

openSUSE 15 Security Update : nginx (openSUSE-SU-2021:1815-1)

2021-07-16 00:00:00

nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE

2021-06-03 00:00:00

SUSE SLES15 Security Update : nginx (SUSE-SU-2021:1792-1)

2021-06-01 00:00:00

osv

nginx - security update

2021-05-30 00:00:00

nginx vulnerability

2021-05-26 13:50:49

nginx - security update

2021-05-28 00:00:00

packetstorm

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

2021-05-26 00:00:00

Nginx 1.20.0 Denial Of Service

2022-07-11 00:00:00

altlinux

Security fix for the ALT Linux 9 package nginx version 1.20.1-alt1

2021-06-23 00:00:00

ubuntucve

CVE-2021-23017

2021-05-25 00:00:00

fedora

[SECURITY] Fedora 34 Update: nginx-1.20.1-2.fc34

2021-06-11 01:15:42

[SECURITY] Fedora 33 Update: nginx-1.20.1-2.fc33

2021-06-11 01:19:56

openvas

Fedora: Security Advisory for nginx (FEDORA-2021-393d698493)

2021-06-17 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:1814-1)

2021-06-09 00:00:00

Ubuntu: Security Advisory (USN-4967-1)

2021-05-27 00:00:00

gentoo

nginx: Remote code execution

2021-05-26 00:00:00

cloudlinux

Fix of CVE: CVE-2021-23017

2021-09-21 22:02:21

Fix of CVE: CVE-2021-23017

2021-09-21 22:02:42

zdt

nginx 1.20.0 DNS Resolver Off-By-One Heap Write Exploit

2021-05-27 00:00:00

Nginx 1.20.0 - Denial of Service Exploit

2022-07-11 00:00:00

rocky

nginx:1.18 security update

2021-06-07 10:02:53

nginx:1.16 security update

2021-06-08 09:47:28

nginx:1.20 security update

2022-01-31 09:52:06

redos

ROS-2-600

2021-09-08 00:00:00

ROS-2-528

2021-09-08 00:00:00

ROS-2-711

2021-09-08 00:00:00

redhat

(RHSA-2021:2290) Important: nginx:1.16 security update

2021-06-08 09:47:28

(RHSA-2022:0323) Important: nginx:1.20 security update

2022-01-31 09:52:06

(RHSA-2021:2278) Important: rh-nginx116-nginx security update

2021-06-07 17:17:53

debiancve

CVE-2021-23017

2021-06-01 13:15:00

ubuntu

nginx vulnerability

2021-05-26 00:00:00

nginx vulnerability

2021-05-27 00:00:00

amazon

Important: nginx

2021-06-01 17:58:00

veracode

Remote Code Execution

2021-05-28 13:25:37

broadcom

CVE-2021-23017: NGINX Resolver Vulnerability

2022-11-08 00:00:00

CVE-2021-23017: NGINX Resolver Vulnerability

2022-11-08 00:00:00

githubexploit

Exploit for Off-by-one Error in F5 Nginx

2023-07-20 05:39:01

Exploit for Off-by-one Error in F5 Nginx

2022-06-30 04:39:58

Exploit for Off-by-one Error in F5 Nginx

2023-10-21 04:24:02

almalinux

Important: nginx:1.18 security update

2021-06-07 10:02:53

Important: nginx:1.20 security update

2022-01-31 09:52:06

Important: nginx:1.16 security update

2021-06-08 09:47:28

oraclelinux

nginx:1.16 security update

2021-06-10 00:00:00

nginx:1.20 security update

2022-02-01 00:00:00

nginx:1.18 security update

2021-06-08 00:00:00

suse

Security update for nginx (important)

2021-06-04 00:00:00

Security update for nginx (important)

2021-07-11 00:00:00

K12331123 : NGINX Plus and Open Source vulnerability CVE-2021-23017

2021-05-25 00:00:00

K52559937 : Overview of NGINX vulnerabilities (May 2021)

2021-05-25 00:00:00

prion

Memory corruption

2021-06-01 13:15:00

hackerone

Internet Bug Bounty: 1-byte heap buffer overflow in DNS resolver

2021-05-27 10:32:41

debian

[SECURITY] [DLA 2670-1] nginx security update

2021-05-30 12:56:20

[SECURITY] [DSA 4921-1] nginx security update

2021-05-28 12:05:07

cbl_mariner

CVE-2021-23017 affecting package nginx 1.16.1-4

2021-06-14 15:32:58

freebsd

NGINX -- 1-byte memory overwrite in resolver

2021-05-25 00:00:00

mageia

Updated nginx package fixes a security vulnerability

2021-06-29 20:31:40

cve

CVE-2021-23017

2021-06-01 13:15:00

redhatcve

CVE-2021-23017

2021-05-26 08:17:46

alpinelinux

CVE-2021-23017

2021-06-01 13:15:00

archlinux

[ASA-202106-36] nginx: arbitrary code execution

2021-06-15 00:00:00

[ASA-202106-48] nginx-mainline: arbitrary code execution

2021-06-22 00:00:00

exploitdb

Nginx 1.20.0 - Denial of Service (DOS)

2022-07-11 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0394

2021-05-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0394

2021-05-27 00:00:00

Important Photon OS Security Update - PHSA-2021-0032

2021-05-26 00:00:00

thn

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

2022-07-18 05:02:00

malwarebytes

Oracle releases massive Critical Patch Update containing 520 security patches

2022-04-20 14:53:54

oracle

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.582 Medium

EPSS

Percentile

97.7%

JSON

Related for NGINX:CVE-2021-23017