CVE-2013-4547

Published: 23 November 2013

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

Priority

Medium

Status

Package Release Status
nginx
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.4, 1.5.7)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.4.4-1ubuntu1)
Patches:
Upstream: http://nginx.org/download/patch.2013.space.txt