Suse Studio Onsite vulnerabilities

CVE-2013-4547 [HIGH] CWE-116 CVE-2013-4547: nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restric nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

CVE-2011-4315 [MEDIUM] CWE-787 CVE-2011-4315: Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.