Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
10 Nov 2021, 15:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* |
Information
Published : 2012-04-17 21:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-1180
Mitre link : CVE-2012-1180
CVE.ORG link : CVE-2012-1180
JSON object : View
Products Affected
f5
- nginx
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-416
Use After Free