Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the router process. An attacker can retrieve sensitive information from internal network resources by crafting requests that leverage specific file suffixes and HTTP 302 redirects to bypass...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the router process. An attacker can retrieve sensitive information from internal network resources by crafting requests that leverage specific file suffixes and HTTP 302 redirects to bypass...

EUVD-2019-16943

Malware in sbrugna...

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

PT-2019-1582 · Nginx · Nginx Unit

Name of the Vulnerable Software and Affected Versions: NGINX Unit versions prior to 1.7.1 Description: The issue is caused by a heap-based buffer overflow in the router process, potentially allowing an attacker to cause a denial of service router process crash or possibly have other unspecified...

unit -- heap memory buffer overflow

unit security problems: CVE-2019-7401: a head memory buffer overflow might have been caused in the router process by a specially crafted request, potentially resulting in a segmentation fault or other unspecified behavior...