The Columbus and ColumbusPlus software applications are not vulnerable to the Nginx resolver 1-byte memory overwrite vulnerability (CVE-2021-23017).
The nginx.tmpl file and the script that uses it to run the nginx server, namely the serve.py file do not use the 'resolver' instructions in the nginx configuration. Thus, with a standard default nginx configuration, Columbus is not vulnerable to this issue.
Comments
0 comments
Article is closed for comments.