CVE-2017-7529 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-7529 Interim 1 38 2025-11-05T04:02:33Z current 2021-05-30T13:54:49Z 2025-11-05T04:02:33Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-7529 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-September/003192.html E-Mail link for SUSE-SU-2017:2387-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Lifecycle Management Server 1.3 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 15-ESPOS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Package Hub 12 SUSE Studio Onsite 1.3 SUSE WebYast 1.3 openSUSE Tumbleweed nginx nginx-1.0-1.0.15-0.35.3.1 nginx-1.13.9-12.1 nginx-1.14.0-1.14 nginx-1.14.0-4.24 nginx-1.16.1-1.21 nginx-1.19.8-1.1 nginx-1.21.3-1.4 nginx-1.21.5-150400.1.8 nginx-1.21.5-150600.10.3.1 nginx-1.27.2-160000.2.2 nginx-source-1.14.0-4.24 nginx-source-1.16.1-1.21 nginx-source-1.19.8-1.1 nginx-source-1.21.3-1.4 nginx-source-1.21.5-150400.1.8 nginx-source-1.21.5-150600.10.3.1 nginx-source-1.27.2-160000.2.2 ruby2.7-rubygem-passenger-6.0.8-3.2 ruby3.0-rubygem-passenger-6.0.8-3.2 rubygem-passenger-6.0.8-3.2 rubygem-passenger-apache2-6.0.8-3.2 rubygem-passenger-nginx-6.0.8-3.2 vim-plugin-nginx-1.13.9-12.1 vim-plugin-nginx-1.21.3-1.4 nginx-1.0-1.0.15-0.35.3.1 as a component of SUSE Lifecycle Management Server 1.3 nginx-1.14.0-1.14 as a component of SUSE Linux Enterprise Module for Server Applications 15 nginx-1.14.0-4.24 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 nginx-source-1.14.0-4.24 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 nginx-1.16.1-1.21 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 nginx-source-1.16.1-1.21 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 nginx-1.19.8-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 nginx-source-1.19.8-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 nginx-1.21.5-150400.1.8 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 nginx-source-1.21.5-150400.1.8 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 nginx-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 nginx-source-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 nginx-1.27.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 nginx-source-1.27.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 nginx-1.13.9-12.1 as a component of SUSE Package Hub 12 vim-plugin-nginx-1.13.9-12.1 as a component of SUSE Package Hub 12 nginx-1.0-1.0.15-0.35.3.1 as a component of SUSE Studio Onsite 1.3 nginx-1.0-1.0.15-0.35.3.1 as a component of SUSE WebYast 1.3 nginx-1.21.3-1.4 as a component of openSUSE Tumbleweed nginx-source-1.21.3-1.4 as a component of openSUSE Tumbleweed ruby2.7-rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed ruby3.0-rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-apache2-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-nginx-6.0.8-3.2 as a component of openSUSE Tumbleweed vim-plugin-nginx-1.21.3-1.4 as a component of openSUSE Tumbleweed nginx as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS nginx as a component of SUSE Linux Enterprise Server 15-ESPOS nginx as a component of SUSE Linux Enterprise Server 15-LTSS nginx as a component of SUSE Linux Enterprise Server for SAP Applications 15 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. CVE-2017-7529 SUSE Lifecycle Management Server 1.3:nginx-1.0-1.0.15-0.35.3.1 SUSE Linux Enterprise Module for Server Applications 15:nginx-1.14.0-1.14 SUSE Linux Enterprise Module for Server Applications 15 SP1:nginx-1.14.0-4.24 SUSE Linux Enterprise Module for Server Applications 15 SP1:nginx-source-1.14.0-4.24 SUSE Linux Enterprise Module for Server Applications 15 SP2:nginx-1.16.1-1.21 SUSE Linux Enterprise Module for Server Applications 15 SP2:nginx-source-1.16.1-1.21 SUSE Linux Enterprise Module for Server Applications 15 SP3:nginx-1.19.8-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:nginx-source-1.19.8-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.1.8 SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.1.8 SUSE Linux Enterprise Module for Server Applications 15 SP7:nginx-1.21.5-150600.10.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:nginx-source-1.21.5-150600.10.3.1 SUSE Linux Enterprise Server 16.0:nginx-1.27.2-160000.2.2 SUSE Linux Enterprise Server 16.0:nginx-source-1.27.2-160000.2.2 SUSE Package Hub 12:nginx-1.13.9-12.1 SUSE Package Hub 12:vim-plugin-nginx-1.13.9-12.1 SUSE Studio Onsite 1.3:nginx-1.0-1.0.15-0.35.3.1 SUSE WebYast 1.3:nginx-1.0-1.0.15-0.35.3.1 openSUSE Tumbleweed:nginx-1.21.3-1.4 openSUSE Tumbleweed:nginx-source-1.21.3-1.4 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 openSUSE Tumbleweed:vim-plugin-nginx-1.21.3-1.4 SUSE Linux Enterprise High Performance Computing 15-LTSS:nginx SUSE Linux Enterprise Server 15-ESPOS:nginx SUSE Linux Enterprise Server 15-LTSS:nginx SUSE Linux Enterprise Server for SAP Applications 15:nginx important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N