CVE-2019-20372 vulnerability in NGINX and Other Products
Published on January 9, 2020

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-20372

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-20372 are published in these products:

nginx

F5 Networks Nginx

Apple Xcode

Canonical Ubuntu Linux

OpenSuse Leap

NetApp Cloud Backup

Exploit Probability

EPSS

69.74%

Percentile

98.64%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-20372 vulnerability in NGINX and Other ProductsPublished on January 9, 2020

Products Associated with CVE-2019-20372

Exploit Probability

CVE-2019-20372 vulnerability in NGINX and Other Products
Published on January 9, 2020