A security issue was identified in NGINX Unit, which might allow an attacker to cause a heap memory buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or other unspecified behavior (CVE-2019-7401).
The issue affects Unit 0.3 - 1.7. The issue is fixed in Unit 1.7.1.
wbr, Valentin V. Bartenev