Lucene search

K
osvGoogleOSV:ALSA-2022:0323
HistoryJan 31, 2022 - 9:52 a.m.

Important: nginx:1.20 security update

2022-01-3109:52:06
Google
osv.dev
18
nginx
proxy server
security update
high concurrency
low memory usage
cve-2021-23017
cvss score
software
upstream version.

AI Score

8.4

Confidence

High

EPSS

0.316

Percentile

97.1%

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

The following packages have been upgraded to a later upstream version: nginx (1.20.1). (BZ#2031030)

Security Fix(es):

  • nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.