CVE-2017-7529
HIGH7.5EPSS 91.9%nginx - security update
Published: 7/13/2017Modified: 12/3/2025
Also known as:ALPINE-CVE-2017-7529DEBIAN-CVE-2017-7529DLA-1024-1
Description
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
Affected packages (4)
- Alpine/nginxfrom 0, < 1.12.1-r0
- Debian/nginxfrom 0, < 1.13.3-1
- Debian/nginxfrom 0, < 1.2.1-2.2+wheezy4+deb7u1
- Debian/nginxfrom 0, < 1.6.2-5+deb8u5
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |