NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial Of Service
Buffer Overflow
Nginx
Memory Corruption
Nginx Unit
NVD
CVSS 3.0
9.8
EPSS
2.9%