UBUNTU-CVE-2017-7529
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2017-7529
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-7529.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-7529
- Related
- Published
- 2017-07-11T00:00:00Z
- Modified
- 2017-07-11T00:00:00Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
- References
Affected packages
Ubuntu:14.04:LTS / nginx
Package
- Name
- nginx
- Purl
- pkg:deb/ubuntu/nginx@1.4.6-1ubuntu3.8?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.4.6-1ubuntu3.8
Affected versions
1.*
1.4.1-3ubuntu1
1.4.3-2ubuntu1
1.4.4-1ubuntu1
1.4.4-2ubuntu1
1.4.4-4ubuntu1
1.4.5-1ubuntu1
1.4.6-1ubuntu2
1.4.6-1ubuntu3
1.4.6-1ubuntu3.1
1.4.6-1ubuntu3.2
1.4.6-1ubuntu3.3
1.4.6-1ubuntu3.4
1.4.6-1ubuntu3.5
1.4.6-1ubuntu3.6
1.4.6-1ubuntu3.7
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"nginx-light": "1.4.6-1ubuntu3.8",
"nginx-core-dbg": "1.4.6-1ubuntu3.8",
"nginx-full-dbg": "1.4.6-1ubuntu3.8",
"nginx-full-dbgsym": "1.4.6-1ubuntu3.8",
"nginx-extras": "1.4.6-1ubuntu3.8",
"nginx-light-dbg": "1.4.6-1ubuntu3.8",
"nginx-naxsi-dbgsym": "1.4.6-1ubuntu3.8",
"nginx-core-dbgsym": "1.4.6-1ubuntu3.8",
"nginx-light-dbgsym": "1.4.6-1ubuntu3.8",
"nginx-naxsi-dbg": "1.4.6-1ubuntu3.8",
"nginx-naxsi": "1.4.6-1ubuntu3.8",
"nginx-extras-dbgsym": "1.4.6-1ubuntu3.8",
"nginx": "1.4.6-1ubuntu3.8",
"nginx-common": "1.4.6-1ubuntu3.8",
"nginx-extras-dbg": "1.4.6-1ubuntu3.8",
"nginx-core": "1.4.6-1ubuntu3.8",
"nginx-full": "1.4.6-1ubuntu3.8",
"nginx-doc": "1.4.6-1ubuntu3.8",
"nginx-naxsi-ui": "1.4.6-1ubuntu3.8"
}
]
}
Ubuntu:16.04:LTS / nginx
Package
- Name
- nginx
- Purl
- pkg:deb/ubuntu/nginx@1.10.3-0ubuntu0.16.04.2?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.3-0ubuntu0.16.04.2
Affected versions
1.*
1.9.3-1ubuntu1
1.9.6-2ubuntu1
1.9.6-2ubuntu2
1.9.9-0ubuntu1
1.9.9-1ubuntu1
1.9.10-0ubuntu1
1.9.10-1ubuntu1
1.9.11-0ubuntu1
1.9.11-0ubuntu2
1.9.12-0ubuntu1
1.9.13-0ubuntu1
1.9.14-0ubuntu1
1.9.15-0ubuntu1
1.10.0-0ubuntu0.16.04.1
1.10.0-0ubuntu0.16.04.2
1.10.0-0ubuntu0.16.04.3
1.10.0-0ubuntu0.16.04.4
1.10.3-0ubuntu0.16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"nginx-light": "1.10.3-0ubuntu0.16.04.2",
"nginx-core-dbg": "1.10.3-0ubuntu0.16.04.2",
"nginx-full-dbg": "1.10.3-0ubuntu0.16.04.2",
"nginx-full-dbgsym": "1.10.3-0ubuntu0.16.04.2",
"nginx-extras": "1.10.3-0ubuntu0.16.04.2",
"nginx-light-dbg": "1.10.3-0ubuntu0.16.04.2",
"nginx-core-dbgsym": "1.10.3-0ubuntu0.16.04.2",
"nginx-light-dbgsym": "1.10.3-0ubuntu0.16.04.2",
"nginx-extras-dbg": "1.10.3-0ubuntu0.16.04.2",
"nginx-common": "1.10.3-0ubuntu0.16.04.2",
"nginx-extras-dbgsym": "1.10.3-0ubuntu0.16.04.2",
"nginx": "1.10.3-0ubuntu0.16.04.2",
"nginx-full": "1.10.3-0ubuntu0.16.04.2",
"nginx-core": "1.10.3-0ubuntu0.16.04.2",
"nginx-doc": "1.10.3-0ubuntu0.16.04.2"
}
]
}