CVE-2021-23017
- Source
- https://cve.org/CVERecord?id=CVE-2021-23017
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23017.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-23017
- Aliases
- Downstream
- Related
- Published
- 2021-06-01T13:15:07.853Z
- Modified
- 2026-04-11T12:36:08.611944Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", "extracted_events": [ { "fixed": "21.1.2" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_control_plane_monitor:3.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "3.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_control_plane_monitor:4.2:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.2" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_control_plane_monitor:4.3:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.3" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_control_plane_monitor:4.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "3.4" }, { "last_affected": "4.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "3.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.2" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.3" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "8.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "9.0" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "3.3.0" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "8.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "9.0" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:3.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "3.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.2:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.2" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.3:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.3" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.4:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "4.4" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", "extracted_events": [ { "fixed": "21.4.0.0.0" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "33" } ] }, { "source": "CPE_FIELD", "cpe": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "extracted_events": [ { "last_affected": "34" } ] } ] }- References
-
- https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009%40%3Cnotifications.apisix.apache.org%3E
- https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f%40%3Cnotifications.apisix.apache.org%3E
- https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba%40%3Cnotifications.apisix.apache.org%3E
- https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31%40%3Cnotifications.apisix.apache.org%3E
- https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c%40%3Cnotifications.apisix.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SFVYHC7OXTEO4SMBWXDVK6E5IMEYMEE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNKOP2JR5L7KCIZTJRZDCUPJTUONMC5I/
- https://support.f5.com/csp/article/K12331123%2C
- http://packetstormsecurity.com/files/167720/Nginx-1.20.0-Denial-Of-Service.html
- https://security.netapp.com/advisory/ntap-20210708-0006/
- http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
Affected packages
Git / github.com/nginx/nginx
Affected versions
release-0.*
release-0.6.18
release-0.6.19
release-0.6.20
release-0.6.21
release-0.6.22
release-0.6.23
release-0.6.24
release-0.6.25
release-0.6.26
release-0.6.27
release-0.6.28
release-0.6.29
release-0.6.30
release-0.6.31
release-0.7.0
release-0.7.1
release-0.7.10
release-0.7.11
release-0.7.12
release-0.7.13
release-0.7.14
release-0.7.15
release-0.7.16
release-0.7.17
release-0.7.18
release-0.7.19
release-0.7.2
release-0.7.20
release-0.7.21
release-0.7.22
release-0.7.23
release-0.7.24
release-0.7.25
release-0.7.26
release-0.7.27
release-0.7.28
release-0.7.29
release-0.7.3
release-0.7.30
release-0.7.31
release-0.7.32
release-0.7.33
release-0.7.34
release-0.7.35
release-0.7.36
release-0.7.37
release-0.7.38
release-0.7.39
release-0.7.4
release-0.7.40
release-0.7.41
release-0.7.42
release-0.7.43
release-0.7.44
release-0.7.45
release-0.7.46
release-0.7.47
release-0.7.48
release-0.7.49
release-0.7.5
release-0.7.50
release-0.7.51
release-0.7.52
release-0.7.53
release-0.7.54
release-0.7.55
release-0.7.56
release-0.7.57
release-0.7.58
release-0.7.59
release-0.7.6
release-0.7.7
release-0.7.8
release-0.7.9
release-0.8.0
release-0.8.1
release-0.8.10
release-0.8.11
release-0.8.12
release-0.8.13
release-0.8.14
release-0.8.15
release-0.8.16
release-0.8.17
release-0.8.18
release-0.8.19
release-0.8.2
release-0.8.20
release-0.8.21
release-0.8.22
release-0.8.23
release-0.8.24
release-0.8.25
release-0.8.26
release-0.8.27
release-0.8.28
release-0.8.29
release-0.8.3
release-0.8.30
release-0.8.31
release-0.8.32
release-0.8.33
release-0.8.34
release-0.8.35
release-0.8.36
release-0.8.37
release-0.8.38
release-0.8.39
release-0.8.4
release-0.8.40
release-0.8.41
release-0.8.42
release-0.8.43
release-0.8.44
release-0.8.45
release-0.8.46
release-0.8.47
release-0.8.48
release-0.8.49
release-0.8.5
release-0.8.50
release-0.8.51
release-0.8.52
release-0.8.53
release-0.8.6
release-0.8.7
release-0.8.8
release-0.8.9
release-0.9.0
release-0.9.1
release-0.9.2
release-0.9.3
release-0.9.4
release-0.9.5
release-0.9.6
release-0.9.7
release-1.*
release-1.0.0
release-1.0.1
release-1.0.2
release-1.0.3
release-1.0.4
release-1.0.5
release-1.1.0
release-1.1.1
release-1.1.10
release-1.1.11
release-1.1.12
release-1.1.13
release-1.1.14
release-1.1.15
release-1.1.16
release-1.1.17
release-1.1.18
release-1.1.19
release-1.1.2
release-1.1.3
release-1.1.4
release-1.1.5
release-1.1.6
release-1.1.7
release-1.1.8
release-1.1.9
release-1.11.0
release-1.11.1
release-1.11.10
release-1.11.11
release-1.11.12
release-1.11.13
release-1.11.2
release-1.11.3
release-1.11.4
release-1.11.5
release-1.11.6
release-1.11.7
release-1.11.8
release-1.11.9
release-1.13.0
release-1.13.1
release-1.13.10
release-1.13.11
release-1.13.12
release-1.13.2
release-1.13.3
release-1.13.4
release-1.13.5
release-1.13.6
release-1.13.7
release-1.13.8
release-1.13.9
release-1.15.0
release-1.15.1
release-1.15.10
release-1.15.11
release-1.15.12
release-1.15.2
release-1.15.3
release-1.15.4
release-1.15.5
release-1.15.6
release-1.15.7
release-1.15.8
release-1.15.9
release-1.17.0
release-1.17.1
release-1.17.10
release-1.17.2
release-1.17.3
release-1.17.4
release-1.17.5
release-1.17.6
release-1.17.7
release-1.17.8
release-1.17.9
release-1.19.0
release-1.19.1
release-1.19.10
release-1.19.2
release-1.19.3
release-1.19.4
release-1.19.5
release-1.19.6
release-1.19.7
release-1.19.8
release-1.19.9
release-1.2.0
release-1.20.0
release-1.3.0
release-1.3.1
release-1.3.10
release-1.3.11
release-1.3.12
release-1.3.13
release-1.3.14
release-1.3.15
release-1.3.16
release-1.3.2
release-1.3.3
release-1.3.4
release-1.3.5
release-1.3.6
release-1.3.7
release-1.3.8
release-1.3.9
release-1.4.0
release-1.5.0
release-1.5.1
release-1.5.10
release-1.5.11
release-1.5.12
release-1.5.13
release-1.5.2
release-1.5.3
release-1.5.4
release-1.5.5
release-1.5.6
release-1.5.7
release-1.5.8
release-1.5.9
release-1.7.0
release-1.7.1
release-1.7.10
release-1.7.11
release-1.7.12
release-1.7.2
release-1.7.3
release-1.7.4
release-1.7.5
release-1.7.6
release-1.7.7
release-1.7.8
release-1.7.9
release-1.9.0
release-1.9.1
release-1.9.10
release-1.9.11
release-1.9.12
release-1.9.13
release-1.9.14
release-1.9.15
release-1.9.2
release-1.9.3
release-1.9.4
release-1.9.5
release-1.9.6
release-1.9.7
release-1.9.8
release-1.9.9
Git / github.com/openresty/openresty
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openresty/openresty
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "source": "CPE_FIELD", "cpe": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "0" }, { "fixed": "1.19.3.2" } ] }
Affected versions
v0.*
v0.8.54.3
v0.8.54.6
v1.*
v1.0.10.1
v1.0.10.11
v1.0.10.13
v1.0.10.15
v1.0.10.17
v1.0.10.19
v1.0.10.21
v1.0.10.23
v1.0.10.24
v1.0.10.25
v1.0.10.27
v1.0.10.29
v1.0.10.3
v1.0.10.31
v1.0.10.33
v1.0.10.35
v1.0.10.41
v1.0.10.43
v1.0.10.44
v1.0.10.45
v1.0.10.47
v1.0.10.48
v1.0.10.5
v1.0.10.7
v1.0.10.9
v1.0.11.11
v1.0.11.15
v1.0.11.17
v1.0.11.19
v1.0.11.21
v1.0.11.23
v1.0.11.25
v1.0.11.27
v1.0.11.28
v1.0.11.3
v1.0.11.7
v1.0.11.9
v1.0.15.1
v1.0.15.10
v1.0.15.11
v1.0.15.3
v1.0.15.5
v1.0.15.7
v1.0.15.9
v1.0.4.1
v1.0.4.2
v1.0.5.0
v1.0.5.1
v1.0.6.22
v1.0.6.3
v1.0.6.5
v1.0.8.1
v1.0.8.11
v1.0.8.13
v1.0.8.15
v1.0.8.17
v1.0.8.19
v1.0.8.21
v1.0.8.26
v1.0.8.3
v1.0.8.5
v1.0.8.7
v1.0.8.9
v1.0.9.1
v1.0.9.10
v1.0.9.3
v1.0.9.5
v1.0.9.7
v1.0.9.9
v1.11.2.1
v1.11.2.2
v1.11.2.3
v1.11.2.5
v1.13.6.1
v1.13.6.2
v1.15.8.1
v1.15.8.1rc1
v1.15.8.1rc2
v1.17.8.1
v1.17.8.1rc1
v1.17.8.2
v1.19.3.1
v1.19.3.1rc0
v1.19.3.1rc1
v1.2.1.1
v1.2.1.11
v1.2.1.13
v1.2.1.14
v1.2.1.3
v1.2.1.5
v1.2.1.7
v1.2.1.9
v1.2.3.1
v1.2.3.3
v1.2.3.5
v1.2.3.7
v1.2.3.8
v1.2.4.1
v1.2.4.11
v1.2.4.13
v1.2.4.14
v1.2.4.3
v1.2.4.5
v1.2.4.7
v1.2.4.9
v1.2.6.1
v1.2.6.3
v1.2.6.5
v1.2.6.6
v1.2.7.1
v1.2.7.3
v1.2.7.5
v1.2.7.6
v1.2.8.1
v1.2.8.5
v1.2.8.6
v1.4.1.1
v1.4.1.3
v1.4.2.1
v1.4.2.3
v1.4.2.5
v1.4.2.7
v1.4.2.8
v1.4.2.9
v1.4.3.1
v1.4.3.3
v1.4.3.4
v1.4.3.6
v1.4.3.7
v1.4.3.9
v1.5.11.1
v1.5.12.1
v1.5.8.1
v1.7.0.1
v1.7.10.1
v1.7.10.2
v1.7.2.1
v1.7.7.1
v1.7.7.2
v1.9.15.1
v1.9.3.1
v1.9.3.1rc1
v1.9.3.2
v1.9.7.1
v1.9.7.2
v1.9.7.3
v1.9.7.4