3 matches found
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-12206)
A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data V2.1.0 NGINX (CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-20372), Docker (CVE-2019-17149, CVE-2019-17150), Kubernetes (CVE-2019-11245, CVE-2019-11253, CVE-2019-1022
Summary Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data V2.1.0 NGINX CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-20372, Docker CVE-2019-17149, CVE-2019-17150, Kubernetes CVE-2019-11245, CVE-2019-11253, CVE-2019-10223, CVE-2019-17110 Vulnerability Details...
CVE-2019-12206
CVE-2019-12206 affects NGINX with NJS up to 0.3.1, where a heap-based buffer overflow in nxt_utf8_encode (nxt/nxt_utf8.c) can be triggered by overly long data. Documented impact includes potential remote code execution or crashes; the issue is addressed in later NJS/NGINX advisories. Remediation ...