VDB

ALPINE-CVE-2017-7529

ALPINE-CVE-2017-7529 PUBLISHED CVSS 7.5 HIGH

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Alpine:v3.11nginx0.8.53-r0, 0.8.53-r0, 0.8.54-r0
Alpine:v3.9nginx1.6.0-r2, 0, 0.8.53-r0
Alpine:v3.12nginx0, 1.10.0-r0, 1.0.5-r0
Alpine:v3.5nginx1.10.1-r5, 1.10.1-r4, 1.10.1-r3
Alpine:v3.21nginx0.8.54-r0, 0.5.6, 0
Alpine:v3.6nginx1.6.3-r0, 1.8.0-r0, 1.8.0-r1
Alpine:v3.17nginx1.6.2-r0, 0, 0.8.54-r0
Alpine:v3.8nginx0, 0, 0.8.53-r0
Alpine:v3.22nginx1.6.0-r2, 0, 0.8.53-r0
Alpine:v3.23nginx1.9.14-r1, 1.9.11-r0, 1.8.1-r1
Alpine:v3.24nginx0, 0.5.6
Alpine:v3.18nginx1.0.11-r1, 0.5.6, 0
Alpine:v3.10nginx1.10.1-r2, 1.9.14-r1, 1.9.14-r0
Alpine:v3.16nginx0.8.53-r0, 0.8.54-r0, 1.0.11-r0
Alpine:v3.19nginx1.10.1-r4, 1.10.1-r6, 1.0.11-r1
Salesforceflow
Alpine:v3.20nginx0.8.53-r0, 0.8.54-r0, 0.8.54-r1
Alpine:v3.15nginx1.0.4-r0, 0, 0.8.54-r1
Alpine:v3.13nginx1.10.2-r1, 1.10.1-r5, 1.6.1-r0
Alpine:v3.14nginx1.6.2-r0, 0.8.53-r0, 0.8.54-r0

…and 2 more

Timeline

  • Jul 13, 2017 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jul 8, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›