Linux Distros Unpatched Vulnerability : CVE-2020-36309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ngxhttpluamodule aka lua-nginx-module before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or...

Authentication Bypass

ngxhttpluamodule is vulnerable to authentication bypass. The vulnerability exists because it doesn't properly restrict the user inputs which allows an attacker to insert unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVE-2020-36309

ngxhttpluamodule aka lua-nginx-module before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVE-2020-36309

The CVE-2020-36309 entry concerns ngx_http_lua_module (lua-nginx-module) in OpenResty, where unsafe characters in an argument used to mutate a URI or headers can be exploited. The issue affects the lua-nginx-module before 0.10.16 and is associated with potential HTTP request smuggling and related...

CVE-2020-36309

ngxhttpluamodule aka lua-nginx-module before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVE-2020-36309

ngxhttpluamodule aka lua-nginx-module before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...