Your submission was sent successfully! Close

USN-4967-1: nginx vulnerability

26 May 2021

nginx could be made to crash or run programs if it received specially crafted network traffic.



  • nginx - small, powerful, scalable web/proxy server


Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.


Related notices

  • USN-4967-2: nginx-common, nginx-naxsi, nginx-doc, nginx-full, nginx-light, nginx-extras, nginx, nginx-core, nginx-naxsi-ui