7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.037 Low
EPSS
Percentile
91.8%
Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15
before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute
arbitrary code via a crafted request.
Author | Note |
---|---|
mdeslaur | not affected as we build with --with-debug |
seth-arnold | saucy was affected, not all flavors used --with-debug |