Lucene search

K
osvGoogleOSV:RLSA-2021:2290
HistoryJun 08, 2021 - 9:47 a.m.

Important: nginx:1.16 security update

2021-06-0809:47:28
Google
osv.dev
10
nginx
security update
off-by-one vulnerability
cve-2021-23017
web server

AI Score

7.7

Confidence

High

EPSS

0.316

Percentile

97.1%

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

  • nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.