104 matches found
SUSE-SU-2017:0190-1 Security update for nginx-1.0
This update for nginx-1.0 fixes the following issues: This security issues fixed: - CVE-2016-4450: NULL pointer dereference while writing client request body bsc982505. - CVE-2016-1000105: Setting HTTPPROXY environment variable via Proxy header httpoxy bnc988491...
MGASA-2014-0136 Updated nginx package fixes security vulnerability
A bug in the experimental SPDY implementation in nginx was found, which might allow an attacker to cause a heap memory buffer overflow in a worker process by using a specially crafted request, potentially resulting in arbitrary code execution CVE-2014-0133...
MGASA-2013-0160 Updated nginx package fixes security vulnerability
A security problem related to CVE-2013-2028 was identified, affecting some previous nginx versions if proxypass to untrusted upstream HTTP servers is used. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxi...
CVE-2012-2089
Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file...