CVE-2009-3896
published 2009-11-24CVE-2009-3896: src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14…
medium5CVSS 3.1
AVNACLAuNCNINAP
src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
Affected
288 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nginx | < nginx 0.7.62-1 (bookworm) | nginx 0.7.62-1 (bookworm) |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM