Nginx sensitive information disclosure
When using the Nginx standard module, an attacker is allowed to return a response from the cache, and in some configurations, the cached file header may contain an IP address of the backend server or other sensitive information, resulting in information disclosure.
Nginx 0.5.6 – 1.13.2.
How to fixes
• Proposed upgrade to Nginx1.13.3, 1.12.1.
The post CVE-2017-7529: Nginx sensitive information disclosure vulnerability appeared first on Penetration Testing.