{"id":"CVE-2016-0742","details":"The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.","modified":"2026-04-16T06:19:40.213756568Z","published":"2016-02-15T19:59:00.107Z","related":["SUSE-SU-2016:1232-1","openSUSE-SU-2024:10044-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3473"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1034869"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2892-1"},{"type":"ADVISORY","url":"https://bto.bluecoat.com/security-advisory/sa115"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201606-06"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT212818"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html"},{"type":"ADVISORY","url":"http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2021/Sep/36"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1425"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302587"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nginx/nginx","events":[{"introduced":"cb1cdc7426ba5470197f1a1ca5e8fe485223e558"},{"fixed":"759af1a42404d87a2ba51dc94e902b7a5ea5491e"},{"introduced":"94dcfa5fe1501f35d7f22ae6050e2965939480d6"},{"fixed":"0269c7a312bf754dcee68a36d055aea0989046f3"},{"introduced":"0"},{"last_affected":"a2a09a84eb0a7059880500e70b40796ab1dd0c4d"}],"database_specific":{"versions":[{"introduced":"0.6.18"},{"fixed":"1.8.1"},{"introduced":"1.9.0"},{"fixed":"1.9.10"},{"introduced":"0"},{"last_affected":"1.0"}]}}],"versions":["release-0.6.18","release-0.6.19","release-0.6.20","release-0.6.21","release-0.6.22","release-0.6.23","release-0.6.24","release-0.6.25","release-0.6.26","release-0.6.27","release-0.6.28","release-0.6.29","release-0.6.30","release-0.6.31","release-0.7.0","release-0.7.1","release-0.7.10","release-0.7.11","release-0.7.12","release-0.7.13","release-0.7.14","release-0.7.15","release-0.7.16","release-0.7.17","release-0.7.18","release-0.7.19","release-0.7.2","release-0.7.20","release-0.7.21","release-0.7.22","release-0.7.23","release-0.7.24","release-0.7.25","release-0.7.26","release-0.7.27","release-0.7.28","release-0.7.29","release-0.7.3","release-0.7.30","release-0.7.31","release-0.7.32","release-0.7.33","release-0.7.34","release-0.7.35","release-0.7.36","release-0.7.37","release-0.7.38","release-0.7.39","release-0.7.4","release-0.7.40","release-0.7.41","release-0.7.42","release-0.7.43","release-0.7.44","release-0.7.45","release-0.7.46","release-0.7.47","release-0.7.48","release-0.7.49","release-0.7.5","release-0.7.50","release-0.7.51","release-0.7.52","release-0.7.53","release-0.7.54","release-0.7.55","release-0.7.56","release-0.7.57","release-0.7.58","release-0.7.59","release-0.7.6","release-0.7.7","release-0.7.8","release-0.7.9","release-0.8.0","release-0.8.1","release-0.8.10","release-0.8.11","release-0.8.12","release-0.8.13","release-0.8.14","release-0.8.15","release-0.8.16","release-0.8.17","release-0.8.18","release-0.8.19","release-0.8.2","release-0.8.20","release-0.8.21","release-0.8.22","release-0.8.23","release-0.8.24","release-0.8.25","release-0.8.26","release-0.8.27","release-0.8.28","release-0.8.29","release-0.8.3","release-0.8.30","release-0.8.31","release-0.8.32","release-0.8.33","release-0.8.34","release-0.8.35","release-0.8.36","release-0.8.37","release-0.8.38","release-0.8.39","release-0.8.4","release-0.8.40","release-0.8.41","release-0.8.42","release-0.8.43","release-0.8.44","release-0.8.45","release-0.8.46","release-0.8.47","release-0.8.48","release-0.8.49","release-0.8.5","release-0.8.50","release-0.8.51","release-0.8.52","release-0.8.53","release-0.8.6","release-0.8.7","release-0.8.8","release-0.8.9","release-0.9.0","release-0.9.1","release-0.9.2","release-0.9.3","release-0.9.4","release-0.9.5","release-0.9.6","release-0.9.7","release-1.0.0","release-1.0.1","release-1.0.2","release-1.0.3","release-1.0.4","release-1.0.5","release-1.1.0","release-1.1.1","release-1.1.10","release-1.1.11","release-1.1.12","release-1.1.13","release-1.1.14","release-1.1.15","release-1.1.16","release-1.1.17","release-1.1.18","release-1.1.19","release-1.1.2","release-1.1.3","release-1.1.4","release-1.1.5","release-1.1.6","release-1.1.7","release-1.1.8","release-1.1.9","release-1.2.0","release-1.3.0","release-1.3.1","release-1.3.10","release-1.3.11","release-1.3.12","release-1.3.13","release-1.3.14","release-1.3.15","release-1.3.16","release-1.3.2","release-1.3.3","release-1.3.4","release-1.3.5","release-1.3.6","release-1.3.7","release-1.3.8","release-1.3.9","release-1.4.0","release-1.5.0","release-1.5.1","release-1.5.10","release-1.5.11","release-1.5.12","release-1.5.13","release-1.5.2","release-1.5.3","release-1.5.4","release-1.5.5","release-1.5.6","release-1.5.7","release-1.5.8","release-1.5.9","release-1.7.0","release-1.7.1","release-1.7.10","release-1.7.11","release-1.7.12","release-1.7.2","release-1.7.3","release-1.7.4","release-1.7.5","release-1.7.6","release-1.7.7","release-1.7.8","release-1.7.9","release-1.8.0","release-1.9.0","release-1.9.1","release-1.9.2","release-1.9.3","release-1.9.4","release-1.9.5","release-1.9.6","release-1.9.7","release-1.9.8","release-1.9.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0742.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"15.10"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"42.1"}]},{"events":[{"introduced":"0"},{"fixed":"13.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}