VDB
ALPINE-CVE-2017-7529
ALPINE-CVE-2017-7529
PUBLISHED
CVSS 7.5 HIGH
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.11 | nginx | 0.8.53-r0, 0.8.53-r0, 0.8.54-r0 |
| Alpine:v3.9 | nginx | 1.6.0-r2, 0, 0.8.53-r0 |
| Alpine:v3.12 | nginx | 0, 1.10.0-r0, 1.0.5-r0 |
| Alpine:v3.5 | nginx | 1.10.1-r5, 1.10.1-r4, 1.10.1-r3 |
| Alpine:v3.21 | nginx | 0.8.54-r0, 0.5.6, 0 |
| Alpine:v3.6 | nginx | 1.6.3-r0, 1.8.0-r0, 1.8.0-r1 |
| Alpine:v3.17 | nginx | 1.6.2-r0, 0, 0.8.54-r0 |
| Alpine:v3.8 | nginx | 0, 0, 0.8.53-r0 |
| Alpine:v3.22 | nginx | 1.6.0-r2, 0, 0.8.53-r0 |
| Alpine:v3.23 | nginx | 1.9.14-r1, 1.9.11-r0, 1.8.1-r1 |
| Alpine:v3.24 | nginx | 0, 0.5.6 |
| Alpine:v3.18 | nginx | 1.0.11-r1, 0.5.6, 0 |
| Alpine:v3.10 | nginx | 1.10.1-r2, 1.9.14-r1, 1.9.14-r0 |
| Alpine:v3.16 | nginx | 0.8.53-r0, 0.8.54-r0, 1.0.11-r0 |
| Alpine:v3.19 | nginx | 1.10.1-r4, 1.10.1-r6, 1.0.11-r1 |
| Salesforce | flow | |
| Alpine:v3.20 | nginx | 0.8.53-r0, 0.8.54-r0, 0.8.54-r1 |
| Alpine:v3.15 | nginx | 1.0.4-r0, 0, 0.8.54-r1 |
| Alpine:v3.13 | nginx | 1.10.2-r1, 1.10.1-r5, 1.6.1-r0 |
| Alpine:v3.14 | nginx | 1.6.2-r0, 0.8.53-r0, 0.8.54-r0 |
…and 2 more
Timeline
- Jul 13, 2017 CVE Published
- Apr 30, 2026 Distribution Patch
- Jul 8, 2026 CVE Updated