CVE-2021-23017: NGINX Resolver Vulnerability

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...

CVE-2021-23017: NGINX Resolver Vulnerability

Security Advisory ID : BSA-2021-1516 Component : NGINX Revision : 1.0 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

CVE-2022-41741 affecting package nginx for versions less than 1.22.1-1

CVE-2022-41741 affecting package nginx for versions less than 1.22.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41742 affecting package nginx for versions less than 1.22.1-1

CVE-2022-41742 affecting package nginx for versions less than 1.22.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-3638 affecting package nginx 1.20.1-3

CVE-2022-3638 affecting package nginx 1.20.1-3. An upgraded version of the package is available that resolves this issue...

CVE-2022-41741 affecting package nginx 1.20.1-3

CVE-2022-41741 affecting package nginx 1.20.1-3. An upgraded version of the package is available that resolves this issue...

CVE-2022-41742 affecting package nginx 1.20.1-3

CVE-2022-41742 affecting package nginx 1.20.1-3. An upgraded version of the package is available that resolves this issue...

The vulnerability of the njs_promise_reaction_job function in the njs interpreter of the nginx server allows a attacker to cause a service failure.

The vulnerability of the njspromisereactionjob function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the njs_scope_valid_value function (njs_scope.h) in the NJS interpreter of the nginx server allows a attacker to cause a service failure.

The vulnerability of the njsscopevalidvalue function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the njs_json_parse_iterator_call function (njs_json.c) in the njs interpreter of the nginx server allows a hacker to execute arbitrary code.

The vulnerability of the njsjsonparseiteratorcall function njsjson.c in the njs interpreter of the nginx server is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Important Photon OS Security Update - PHSA-2022-4.0-0272

Updates of 'openssl', 'nginx' packages of Photon OS have been released...

CVE-2022-3638

A flaw was found in NGINX. There is a possible memory leak in ngxresolver.c, which can affect service availability...

Important Photon OS Security Update - PHSA-2022-3.0-0481

Updates of 'nginx' packages of Photon OS have been released...

The vulnerability of the ngx_resolver.c component in the nginx HTTP server allows a attacker to cause a service failure.

The vulnerability of the ngxresolver.c component in the nginx HTTP server is related to memory allocation errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Security fix for the ALT Linux 9 package nginx version 1.22.1-alt1

1.22.1-alt1 built Oct. 31, 2022 Anton Farygin in task 308764 Oct. 21, 2022 Anton Farygin - 1.22.1 Fixes: CVE-2022-41741, CVE-2022-41742...

CVE-2022-43286

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c...

CVE-2022-43285

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njspromisereactionjob. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

CVE-2022-43286

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c...

CVE-2022-43284

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njsscopevalidvalue at njsscope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

CVE-2022-43284

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njsscopevalidvalue at njsscope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...