NULL pointer dereference and worker process crash vulnerability in nginx before 1.10.1 and 1.11.x before 1.11.1

NULL pointer dereference and worker process crash vulnerability in nginx before 1.10.1 and 1.11.x before 1.11.1

CVE-2016-4450 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

Learn more about our Cis Benchmark Audit For Nginx.