NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
{
"unresolved_ranges": [
{
"source": "CPE_RANGE",
"vendor_product": "apple:xcode",
"cpes": [
"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "13.0"
}
]
},
{
"source": "CPE_STRING",
"vendor_product": "canonical:ubuntu_linux",
"cpes": [
"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"
],
"extracted_events": [
{
"introduced": "14.04"
},
{
"last_affected": "14.04"
}
]
},
{
"source": "CPE_STRING",
"vendor_product": "opensuse:leap",
"cpes": [
"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "15.1"
},
{
"last_affected": "15.1"
}
]
}
]
}{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.17.7"
}
],
"cpe": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*"
}"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-20372.json"
"2026-07-09T04:30:09Z"
[
{
"source": "https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e",
"digest": {
"length": 1457.0,
"function_hash": "248396389108547749369241191006484398262"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2019-20372-62ca3ceb",
"target": {
"function": "ngx_http_send_error_page",
"file": "src/http/ngx_http_special_response.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e",
"digest": {
"threshold": 0.9,
"line_hashes": [
"137291644867612448719368415384420215080",
"240257681029049262992914975940936978256",
"103973782483082902889366172146365580787"
]
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2019-20372-7b36d8bf",
"target": {
"file": "src/http/ngx_http_special_response.c"
},
"signature_type": "Line"
}
]