2 matches found
CVE-2025-1695
NGINX Unit 1.34.2+ with the Java Language Module is affected by CVE-2025-1695. In versions prior to 1.34.2, undisclosed requests can trigger an infinite loop, increasing CPU utilization and causing a limited denial-of-service on the data plane. The issue is a data-plane degradation with no contro...
CVE-2019-7401
NGINX Unit is affected by CVE-2019-7401: a heap-based buffer overflow in the router process when handling specially-crafted requests. Exploitation can cause a denial of service (router process crash) and may have unspecified other impact. Affected is Unit versions before 1.7.1. Reported remediati...