cve-2020-11724

Vulnerability from cvelistv5

Published

2020-04-12 20:55

Modified

2024-08-04 11:41

Severity ?

Summary

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

References

URL	Tags
cve@mitre.org	https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa	Patch, Third Party Advisory
cve@mitre.org	https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch	Patch, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html	Mailing List, Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20210129-0002/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2020/dsa-4750	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20210129-0002/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2020/dsa-4750	Third Party Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:41:58.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
          },
          {
            "name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
          },
          {
            "name": "DSA-4750",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4750"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-29T06:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
        },
        {
          "name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
        },
        {
          "name": "DSA-4750",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4750"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-11724",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch",
              "refsource": "MISC",
              "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
            },
            {
              "name": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa",
              "refsource": "MISC",
              "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
            },
            {
              "name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
            },
            {
              "name": "DSA-4750",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4750"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210129-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-11724",
    "datePublished": "2020-04-12T20:55:26",
    "dateReserved": "2020-04-12T00:00:00",
    "dateUpdated": "2024-08-04T11:41:58.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.15.8.4\", \"matchCriteriaId\": \"54204884-C4D1-4564-9CCE-18D2107A7ACD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un problema en OpenResty versiones anteriores a 1.15.8.4. El archivo ngx_http_lua_subrequest.c permite un tr\\u00e1fico no autorizado de peticiones HTTP, como es demostrado por la API ngx.location.capture.\"}]",
      "id": "CVE-2020-11724",
      "lastModified": "2024-11-21T04:58:29.307",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-04-12T21:15:10.317",
      "references": "[{\"url\": \"https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210129-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4750\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210129-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4750\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-444\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-11724\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-04-12T21:15:10.317\",\"lastModified\":\"2024-11-21T04:58:29.307\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en OpenResty versiones anteriores a 1.15.8.4. El archivo ngx_http_lua_subrequest.c permite un tr\u00e1fico no autorizado de peticiones HTTP, como es demostrado por la API ngx.location.capture.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.8.4\",\"matchCriteriaId\":\"54204884-C4D1-4564-9CCE-18D2107A7ACD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210129-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4750\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210129-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

ghsa-478m-xrv3-7r93

Vulnerability from github

Published

2022-05-24 17:14

Modified

2024-04-04 02:49

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-11724"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-444"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-12T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.",
  "id": "GHSA-478m-xrv3-7r93",
  "modified": "2024-04-04T02:49:48Z",
  "published": "2022-05-24T17:14:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11724"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210129-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4750"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2020-11724

Vulnerability from fkie_nvd

Published

2020-04-12 21:15

Modified

2024-11-21 04:58

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

References

URL	Tags
cve@mitre.org	https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa	Patch, Third Party Advisory
cve@mitre.org	https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch	Patch, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html	Mailing List, Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20210129-0002/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2020/dsa-4750	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20210129-0002/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2020/dsa-4750	Third Party Advisory

Impacted products

Vendor	Product	Version
openresty	openresty	*
debian	debian_linux	9.0
debian	debian_linux	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54204884-C4D1-4564-9CCE-18D2107A7ACD",
              "versionEndExcluding": "1.15.8.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en OpenResty versiones anteriores a 1.15.8.4. El archivo ngx_http_lua_subrequest.c permite un tr\u00e1fico no autorizado de peticiones HTTP, como es demostrado por la API ngx.location.capture."
    }
  ],
  "id": "CVE-2020-11724",
  "lastModified": "2024-11-21T04:58:29.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-12T21:15:10.317",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4750"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-444"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API. OpenResty is a web application server based on Nginx and Lua from China Ou Rui Software Development (OpenResty).

The ngx_http_lua_subrequest.c file in versions prior to OpenResty 1.15.8.4 has an environmental problem vulnerability. The vulnerability stems from the unreasonable environmental factors of the network system or product. There is currently no detailed vulnerability details provided. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

Debian Security Advisory DSA-4750-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2020 https://www.debian.org/security/faq

Package : nginx CVE ID : CVE-2020-11724 Debian Bug : 964950

It was reported that the Lua module for Nginx, a high-performance web and reverse proxy server, is prone to a HTTP request smuggling vulnerability.

For the stable distribution (buster), this problem has been fixed in version 1.14.2-2+deb10u3.

We recommend that you upgrade your nginx packages.

For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9GlAhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Q+QBAAlo31j8w4zpQNYaxVm7K/lH4TukFPbE79ZSBnuWvtiC59a7AwWbfqCWd5 kkMTicjMYsExEp+jgnFex5W0LEQ/weRE8DHnAaDIEs4V1eJHzj5NxPUB0ZpFJshJ oLB8lMX5vJDTSynMmBzzY65UTZl8/5CVDxbku8yS1zVXtl3RHxCoHpmzxWrpfkhU cl9fdNVF2Vn1GENen5PNz9AhOXLp/Px6Y/iSAYjwLPQJPTEHbYtdBnu/p113QUz9 OlvW1A7hVYtpg6JfX2/dQMzhBHetyOwqnLSnWMPPe/MOd0hA9m3//DHmR5mIb263 YsdOL27u3IVf6leSZ4T8KhK1IChHZF1/Kw6VCaIKr4LtWtPJYDM+QE7pXA7s9UIM eulmVn4q2ppjSCgV9MqlQpEYs7xvkAgaEAakE93FwARliAhtvmo5JXtz29NamGfp FjfC8wMNGinVL4Xt8Za3na4QFDuBFD936qOL38vyPS6MrOc0H6RoI2aDHDr0YJi/ YlrhIyAQ8anAVqFaueGrfz9AWcLDCWKWa6A7ShIZLRIUlPyUwZ4M0jnQNEw4epva Y8LqLuDvrG2Zl9saVD0YmkAVh2A2o3xVuiQa1O4wTYQPvAW2WT87yjXsamjGila8 whAgsNA6L2BC2Y9jHCCeYV57e/dibmDrC2QFprEeqDNKZD2a8UE= =QmrI -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-5371-2 April 28, 2022

nginx vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 22.04 LTS

Summary:

nginx could be made to redirect network traffic.

Software Description: - nginx: small, powerful, scalable web/proxy server

Details:

USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS.

Original advisory details:

It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11724)

It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-36309)

It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains. (CVE-2021-3618)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS: nginx-core 1.18.0-6ubuntu14.1 nginx-extras 1.18.0-6ubuntu14.1 nginx-light 1.18.0-6ubuntu14.1

In general, a standard system update will make all the necessary changes.

References: https://ubuntu.com/security/notices/USN-5371-2 https://ubuntu.com/security/notices/USN-5371-1 CVE-2021-3618

Package Information: https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0234",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openresty",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "openresty",
        "version": "1.15.8.4"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "openresty",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "openresty",
        "version": "1.15.8.4"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.15.8.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "PACKETSTORM",
        "id": "166888"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2020-11724",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-003935",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-22977",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-11724",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-003935",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-11724",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-003935",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-22977",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202004-615",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-11724",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API. OpenResty is a web application server based on Nginx and Lua from China Ou Rui Software Development (OpenResty). \n\r\n\r\nThe ngx_http_lua_subrequest.c file in versions prior to OpenResty 1.15.8.4 has an environmental problem vulnerability. The vulnerability stems from the unreasonable environmental factors of the network system or product. There is currently no detailed vulnerability details provided. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4750-1                   security@debian.org\nhttps://www.debian.org/security/                     Salvatore Bonaccorso\nAugust 26, 2020                       https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : nginx\nCVE ID         : CVE-2020-11724\nDebian Bug     : 964950\n\nIt was reported that the Lua module for Nginx, a high-performance web\nand reverse proxy server, is prone to a HTTP request smuggling\nvulnerability. \n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.14.2-2+deb10u3. \n\nWe recommend that you upgrade your nginx packages. \n\nFor the detailed security status of nginx please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/nginx\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9GlAhfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Q+QBAAlo31j8w4zpQNYaxVm7K/lH4TukFPbE79ZSBnuWvtiC59a7AwWbfqCWd5\nkkMTicjMYsExEp+jgnFex5W0LEQ/weRE8DHnAaDIEs4V1eJHzj5NxPUB0ZpFJshJ\noLB8lMX5vJDTSynMmBzzY65UTZl8/5CVDxbku8yS1zVXtl3RHxCoHpmzxWrpfkhU\ncl9fdNVF2Vn1GENen5PNz9AhOXLp/Px6Y/iSAYjwLPQJPTEHbYtdBnu/p113QUz9\nOlvW1A7hVYtpg6JfX2/dQMzhBHetyOwqnLSnWMPPe/MOd0hA9m3//DHmR5mIb263\nYsdOL27u3IVf6leSZ4T8KhK1IChHZF1/Kw6VCaIKr4LtWtPJYDM+QE7pXA7s9UIM\neulmVn4q2ppjSCgV9MqlQpEYs7xvkAgaEAakE93FwARliAhtvmo5JXtz29NamGfp\nFjfC8wMNGinVL4Xt8Za3na4QFDuBFD936qOL38vyPS6MrOc0H6RoI2aDHDr0YJi/\nYlrhIyAQ8anAVqFaueGrfz9AWcLDCWKWa6A7ShIZLRIUlPyUwZ4M0jnQNEw4epva\nY8LqLuDvrG2Zl9saVD0YmkAVh2A2o3xVuiQa1O4wTYQPvAW2WT87yjXsamjGila8\nwhAgsNA6L2BC2Y9jHCCeYV57e/dibmDrC2QFprEeqDNKZD2a8UE=\n=QmrI\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-5371-2\nApril 28, 2022\n\nnginx vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n\nSummary:\n\nnginx could be made to redirect network traffic. \n\nSoftware Description:\n- nginx: small, powerful, scalable web/proxy server\n\nDetails:\n\nUSN-5371-1 fixed several vulnerabilities in nginx. \nThis update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. \n\nOriginal advisory details:\n\n  It was discovered that nginx Lua module mishandled certain inputs. \n  An attacker could possibly use this issue to perform an HTTP Request\n  Smuggling attack. This issue only affects Ubuntu 18.04 LTS and\n  Ubuntu 20.04 LTS. (CVE-2020-11724)\n\n  It was discovered that nginx Lua module mishandled certain inputs. \n  An attacker could possibly use this issue to disclose sensitive\n  information. This issue only affects Ubuntu 18.04 LTS and\n  Ubuntu 20.04 LTS. (CVE-2020-36309)\n\n  It was discovered that nginx mishandled the use of\n  compatible certificates among multiple encryption protocols. \n  If a remote attacker were able to intercept the communication,\n  this issue could be used to redirect traffic between subdomains. \n  (CVE-2021-3618)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n   nginx-core                      1.18.0-6ubuntu14.1\n   nginx-extras                    1.18.0-6ubuntu14.1\n   nginx-light                     1.18.0-6ubuntu14.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n   https://ubuntu.com/security/notices/USN-5371-2\n   https://ubuntu.com/security/notices/USN-5371-1\n   CVE-2021-3618\n\nPackage Information:\n   https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "db": "PACKETSTORM",
        "id": "168900"
      },
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "PACKETSTORM",
        "id": "166888"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-11724",
        "trust": 3.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "166709",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168672",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "166888",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2462",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.1628",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2941",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022042817",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022041422",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-11724",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168900",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "db": "PACKETSTORM",
        "id": "168900"
      },
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "PACKETSTORM",
        "id": "166888"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "id": "VAR-202004-0234",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:56:44.842000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "bugfix: prevented request smuggling in the ngx.location.capture API.",
        "trust": 0.8,
        "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
      },
      {
        "title": "Debian CVElist Bug Report Logs: nginx: CVE-2020-11724",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=0874e0870430fc2dae43fb8d79f4f403"
      },
      {
        "title": "Debian Security Advisories: DSA-4750-1 nginx -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=bb488a3de40db1667c791b994279fc7b"
      },
      {
        "title": "Ubuntu Security Notice: USN-5371-1: nginx vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5371-1"
      },
      {
        "title": "HTTP-REQUEST-SMUGGLING",
        "trust": 0.1,
        "url": "https://github.com/403accessdenied/http-request-smuggling "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-444",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.debian.org/security/2020/dsa-4750"
      },
      {
        "trust": 1.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11724"
      },
      {
        "trust": 1.7,
        "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
      },
      {
        "trust": 1.7,
        "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
      },
      {
        "trust": 1.7,
        "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
      },
      {
        "trust": 1.1,
        "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-11724"
      },
      {
        "trust": 0.6,
        "url": "http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
      },
      {
        "trust": 0.6,
        "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168672/ubuntu-security-notice-usn-5371-3.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2941/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022042817"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/166709/ubuntu-security-notice-usn-5371-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2462/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.1628"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022041422"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/ngx-lua-plugin-information-disclosure-via-ngx-location-capture-32886"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/166888/ubuntu-security-notice-usn-5371-2.html"
      },
      {
        "trust": 0.4,
        "url": "https://ubuntu.com/security/notices/usn-5371-1"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3618"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36309"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/444.html"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu11.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.10"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/nginx"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5371-3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5371-2"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "db": "PACKETSTORM",
        "id": "168900"
      },
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "PACKETSTORM",
        "id": "166888"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "db": "PACKETSTORM",
        "id": "168900"
      },
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "PACKETSTORM",
        "id": "166888"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "date": "2020-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "date": "2020-04-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "date": "2022-04-13T15:03:13",
        "db": "PACKETSTORM",
        "id": "166709"
      },
      {
        "date": "2020-08-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "168900"
      },
      {
        "date": "2022-10-10T16:13:35",
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "date": "2022-04-28T15:18:16",
        "db": "PACKETSTORM",
        "id": "166888"
      },
      {
        "date": "2020-04-12T21:15:10.317000",
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "date": "2020-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-22977"
      },
      {
        "date": "2021-01-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-11724"
      },
      {
        "date": "2020-04-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      },
      {
        "date": "2021-01-29T16:33:01.957000",
        "db": "NVD",
        "id": "CVE-2020-11724"
      },
      {
        "date": "2022-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168672"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OpenResty In  HTTP Request Smagling Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003935"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "environmental issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-615"
      }
    ],
    "trust": 0.6
  }
}

gsd-2020-11724

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

Aliases

CVE-2020-11724

Aliases

CVE-2020-11724

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-11724",
    "description": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.",
    "id": "GSD-2020-11724",
    "references": [
      "https://www.debian.org/security/2020/dsa-4750",
      "https://ubuntu.com/security/CVE-2020-11724"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-11724"
      ],
      "details": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.",
      "id": "GSD-2020-11724",
      "modified": "2023-12-13T01:22:07.460337Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2020-11724",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch",
            "refsource": "MISC",
            "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
          },
          {
            "name": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa",
            "refsource": "MISC",
            "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
          },
          {
            "name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
          },
          {
            "name": "DSA-4750",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2020/dsa-4750"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20210129-0002/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.15.8.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-11724"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-444"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch"
            },
            {
              "name": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa"
            },
            {
              "name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html"
            },
            {
              "name": "DSA-4750",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4750"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210129-0002/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20210129-0002/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-01-29T16:33Z",
      "publishedDate": "2020-04-12T21:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2020-11724

Vulnerability from cvelistv5

ghsa-478m-xrv3-7r93

Vulnerability from github

cve-2020-11724

Vulnerability from fkie_nvd

var-202004-0234

Vulnerability from variot

nginx vulnerability

gsd-2020-11724

Vulnerability from gsd

Tags

Sightings

Nomenclature