Lucene search
F5Nginx Controller
2 matches found
CVE-2020-5895
On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. A local system attacker can make AVRD segmentation fault (SIGSEGV) by writing malformed messa...
7.8CVSS7.5AI score0.00062EPSS
CVE-2020-5894
On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out.
8.1CVSS8AI score0.00419EPSS