F5 Nginx 缓冲区错误漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A buffer error vulnerability exists in F5 Nginx version 1.23.2, 1.22.1. An attacker could exploit this vulnerability to corrupt NGINX worker memory...

Design/Logic Flaw

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT in newer versions and corrupts memory on earlier versions. continueDecoding shouldn’t eve...