Vulnerabilities > CVE-2020-36309 - Unspecified vulnerability in Openresty Lua-Nginx-Module

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
openresty
NVD
Published: 2021-04-06
Updated: 2021-06-03

Summary

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.

Vulnerable Configurations

Part Description Count
Application
Openresty
332

References