Unit security advisory (CVE-2019-7401)

Valentin V. Bartenev vbart at nginx.com
Thu Feb 7 16:51:47 UTC 2019


Hi,

A security issue was identified in NGINX Unit, which might allow an
attacker to cause a heap memory buffer overflow in the router process
with a specially crafted request.  This may result in a denial of
service (router process crash) or other unspecified behavior
(CVE-2019-7401).

The issue affects Unit 0.3 - 1.7.
The issue is fixed in Unit 1.7.1.

   wbr, Valentin V. Bartenev



More information about the nginx mailing list