nginx 0.5.13 < 1.28.3 / 1.29.x < 1.29.7 Buffer Overflow in ngx_http_dav_module

Version 1.2

Apr 17, 2026, 9:54 AM

CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "True")
Exploit attributes ("Exploitability ease" set to "Exploits are available")