Unity Linux 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-017548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017548 advisory. A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrit...

BIT-NGINX-GATEWAY-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

Linux Distros Unpatched Vulnerability : CVE-2021-23017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory...

SUSE CVE-2016-0742

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service invalid pointer dereference and worker process crash via a crafted UDP DNS response...

SUSE CVE-2016-0746

Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service worker process crash or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing...

SUSE CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to...

BSA-2022-1516

Security Advisory ID : BSA-2022-1516 Component : NGNIX Revision : 1.0 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

AlmaLinux 8 : nginx:1.20 (ALSA-2022:0323)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0323 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding description blo...

Oracle Linux 8 : nginx:1.20 (ELSA-2022-0323)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0323 advisory. 1.20.1-1.0.1 - Remove Red Hat references Orabug: 29498217 1:1.20.1-1 - rebase to 1.20.1 addressing CVE-2021-23017 Tenable has extracted the preceding descriptio...

A security issue in nginx resolver was identified which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite resulting in worker process crash or potential other impact.

...

Oracle Linux 8 : nginx:1.16 (ELSA-2021-2290)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2290 advisory. 1.16.1-2.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.16.1-2.1 - Resolves: 1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in ngxresolvercopy wh...

Oracle Linux 8 : nginx:1.18 (ELSA-2021-2259)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2259 advisory. 1.18.0-3.1.0.1 - Remove Red Hat references Orabug: 29498217 1:1.18.0-3.1 - Resolves: 1963178 - CVE-2021-23017 nginx:1.18/nginx: Off-by-one in ngxresolvercopy wh...

ALPINE-CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

DEBIAN-CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

CVE-2021-23017

CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

CVE-2016-0747

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service worker process resource consumption via vectors related to arbitrary name resolution...

DEBIAN-CVE-2016-0747

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service worker process resource consumption via vectors related to arbitrary name resolution...