Lucene search
OracleLinuxELSA-2020-5859HistorySep 24, 2020 - 12:00 a.m.
olcne nginx security update
2020-09-2400:00:00
linux.oracle.com
40
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
olcne
[1.1.6-1]
- support upgrading nginx
- Adress CVE-2019-9511
- Adress CVE-2018-16845
- Adress CVE-2017-7529
- support upgrading flannel
nginx
[1.17.7-2] - Changed nginx home dir to /var/lib/nginx for consistency
[1.17.7-1] - Added Oracle Specific Build Files for nginx
- Adress CVE-2019-9511
- Adress CVE-2018-16845
- Adress CVE-2017-7529
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | nginx | < 1.17.7-2.el7 | nginx-1.17.7-2.el7.src.rpm |
| oracle linux | 7 | src | olcne | < 1.1.6-1.el7 | olcne-1.1.6-1.el7.src.rpm |
| oracle linux | 7 | x86_64 | nginx | < 1.17.7-2.el7 | nginx-1.17.7-2.el7.x86_64.rpm |
| oracle linux | 7 | noarch | nginx-all-modules | < 1.17.7-2.el7 | nginx-all-modules-1.17.7-2.el7.noarch.rpm |
| oracle linux | 7 | noarch | nginx-filesystem | < 1.17.7-2.el7 | nginx-filesystem-1.17.7-2.el7.noarch.rpm |
| oracle linux | 7 | x86_64 | nginx-mod-http-image-filter | < 1.17.7-2.el7 | nginx-mod-http-image-filter-1.17.7-2.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | nginx-mod-http-perl | < 1.17.7-2.el7 | nginx-mod-http-perl-1.17.7-2.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | nginx-mod-http-xslt-filter | < 1.17.7-2.el7 | nginx-mod-http-xslt-filter-1.17.7-2.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | nginx-mod-mail | < 1.17.7-2.el7 | nginx-mod-mail-1.17.7-2.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | nginx-mod-stream | < 1.17.7-2.el7 | nginx-mod-stream-1.17.7-2.el7.x86_64.rpm |
Related
nessus
nessus
Oracle Linux 7 : olcne / nginx (ELSA-2020-5859)
2020-09-25 00:00:00
Oracle Linux 7 : olcne / nginx (ELSA-2020-5862)
2020-09-28 00:00:00
nginx Data Disclosure Vulnerability
2018-10-16 00:00:00
oraclelinux
oraclelinux
olcne nginx security update
2020-09-28 00:00:00
nghttp2 security update
2019-09-10 00:00:00
nginx:1.14 security update
2019-09-19 00:00:00
symantec
symantec
Nginx Vulnerabilities Jul 2017 - Oct 2019
2020-05-06 18:48:22
Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability
2019-08-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 3908-1 (nginx - security update)
2017-07-12 00:00:00
Debian LTS: Security Advisory for nginx (DLA-1024-1)
2018-02-05 00:00:00
Debian Security Advisory DSA 3908-1 (nginx - security update)
2017-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: nginx-1.12.1-1.fc25
2017-08-24 00:55:09
[SECURITY] Fedora 26 Update: nginx-1.12.1-1.fc26
2017-08-23 19:56:04
[SECURITY] Fedora 29 Update: nginx-1.16.1-1.fc29
2019-09-04 04:07:11
veracode
veracode
Information Disclosure
2019-01-15 09:18:29
Integer Overflow
2017-08-22 03:07:44
Denial Of Service (DoS)
2019-01-15 09:26:40
f5
f5
K48602933 : Nginx vulnerability CVE-2017-7529
2017-08-07 00:00:00
K24374526 : nginx vulnerability CVE-2018-16845
2019-01-11 00:00:00
osv
osv
nginx - security update
2017-07-13 00:00:00
CVE-2017-7529
2017-07-13 13:29:00
nginx - security update
2017-07-12 00:00:00
hackerone
hackerone
Brave Software: https://publishers.basicattentiontoken.org/favicon.ico is Vulnerable to CVE-2017-7529
2020-09-12 20:12:13
Stripo Inc: Integer Overflow (CVE_2017_7529)
2020-05-16 22:40:29
redhat
redhat
(RHSA-2017:2538) Low: rh-nginx110-nginx security update
2017-08-28 21:33:36
(RHSA-2018:3652) Important: rh-nginx18-nginx security update
2018-11-26 11:39:20
(RHSA-2019:2692) Important: nghttp2 security update
2019-09-09 18:39:39
ibm
ibm
Security Bulletin: IBM Maximo Application Suite uses Remote Integer Buffer Overflow Vulnerability which is vulnerable to CVE-2017-7529
2024-01-23 07:15:22
Security Bulletin: A vulnerability in nginx affects PowerKVM
2018-06-18 01:38:45
Security Bulletin: Aspera Applications are affected by a Nginx vulnerability
2018-06-15 07:08:32
altlinux
altlinux
Security fix for the ALT Linux 9 package nginx version 1.12.1-alt1
2017-07-11 00:00:00
mageia
mageia
Updated nginx packages fix security vulnerability
2017-07-30 18:58:51
Updated nghttp2 packages fix security vulnerabilities
2019-09-28 04:05:09
Updated nginx packages fix security vulnerabilities
2019-11-30 16:06:06
archlinux
archlinux
[ASA-201707-12] nginx-mainline: information disclosure
2017-07-12 00:00:00
[ASA-201707-11] nginx: information disclosure
2017-07-12 00:00:00
[ASA-201908-17] libnghttp2: denial of service
2019-08-27 00:00:00
alpinelinux
alpinelinux
debian
debian
[SECURITY] [DLA 1024-1] nginx security update
2017-07-13 08:21:10
[SECURITY] [DSA 3908-1] nginx security update
2017-07-12 21:25:54
[SECURITY] [DLA 1572-1] nginx security update
2018-11-08 17:54:18
prion
prion
Integer overflow
2017-07-13 13:29:00
Design/Logic Flaw
2018-11-07 14:29:00
Code injection
2019-08-13 21:15:00
freebsd
freebsd
nginx -- a specially crafted request might result in an integer overflow
2017-07-11 00:00:00
nghttp2 -- multiple vulnerabilities
2019-08-13 00:00:00
NGINX -- Multiple vulnerabilities
2018-11-06 00:00:00
myhack58
myhack58
seebug
seebug
Nginx Remote Integer Overflow Vulnerability(CVE-2017-7529 )
2017-07-13 00:00:00
paloalto
paloalto
PAN-OS: Nginx integer overflow may lead to information leak
2020-05-13 16:00:00
cve
cve
checkpoint_advisories
checkpoint_advisories
Nginx ngx_http_range_filter_module Integer Overflow (CVE-2017-7529)
2017-08-10 00:00:00
redhatcve
redhatcve
ubuntucve
ubuntucve
nginx
nginx
Integer overflow in the range filter
2017-07-13 13:29:00
Memory disclosure in the ngx_http_mp4_module
2018-11-07 14:29:00
Excessive CPU usage in HTTP/2 with small window updates
2019-08-13 21:15:00
amazon
amazon
Low: nginx
2017-09-13 23:19:00
Important: nghttp2
2019-09-30 21:03:00
Important: nghttp2
2019-10-08 21:43:00
debiancve
debiancve
kitploit
kitploit
ubuntu
ubuntu
nginx vulnerability
2017-07-13 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-9511 affecting package nginx 1.16.1-2
2021-06-14 15:32:58
mscve
mscve
HTTP/2 Server Denial of Service Vulnerability
2019-08-13 07:00:00
suse
suse
Security update for nginx (important)
2019-09-11 00:00:00
Security update for nghttp2 (moderate)
2019-10-01 00:00:00
Security update for nghttp2 (moderate)
2019-10-01 00:00:00
impervablog
impervablog
Clustering App Attacks with Machine Learning Part 3: Algorithm Results
2018-06-19 22:41:03
photon
photon
apple
apple
About the security content of Xcode 13
2021-09-20 00:00:00
rocky
rocky
nginx:1.14 security update
2019-09-17 08:45:10
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related for ELSA-2020-5859