CVE-2016-0747 vulnerability in NGINX and Other Products
Published on February 15, 2016

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2016-0747

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2016-0747 are published in these products:

nginx

Canonical Ubuntu Linux

Debian Linux

OpenSuse Leap

F5 Networks Nginx

Apple Xcode

Exploit Probability

EPSS

33.18%

Percentile

96.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-0747 vulnerability in NGINX and Other ProductsPublished on February 15, 2016

Products Associated with CVE-2016-0747

Exploit Probability

CVE-2016-0747 vulnerability in NGINX and Other Products
Published on February 15, 2016