All Vulnerability Reports

USN-3352-1: nginx vulnerability


Severity

Medium

Vendor

Canonical Ubuntu

Description

It was discovered that an integer overflow existed in the range filter feature of nginx. A remote attacker could use this to expose sensitive information.

CVEs contained in this USN include: CVE-2017-7529

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Pivotal Operations Manager is vulnerable in the following releases:
    • 2.1.x versions prior to 2.1.6
    • 2.0.x versions prior to 2.0.15
Mitigation

Users of affected versions should apply the following mitigation:

  • Releases that have fixed this issue include:
    • Pivotal Operations Manager: 2.1.6, 2.0.15
References