CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other impact.

Published : 2019-02-08 03:29 Updated : 2019-02-26 20:05

7.5
CVSS Score More info
Score 7.5 / 10
7.5

CPE

There is no CPE for this CVE.

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-02-26 20:05
2019-02-11 11:29
2019-02-08 18:33
2019-02-08 03:29

New CVE