USN-3352-1: nginx vulnerability
Severity
Medium
Vendor
Canonical Ubuntu
Description
It was discovered that an integer overflow existed in the range filter feature of nginx. A remote attacker could use this to expose sensitive information.
CVEs contained in this USN include: CVE-2017-7529
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
- Pivotal Operations Manager is vulnerable in the following releases:
- 2.1.x versions prior to 2.1.6
- 2.0.x versions prior to 2.0.15
Mitigation
Users of affected versions should apply the following mitigation:
- Releases that have fixed this issue include:
- Pivotal Operations Manager: 2.1.6, 2.0.15