Jamie Landeg-Jones

**Name of the Vulnerable Software and Affected Versions** NGINX versions prior to 1.13.6 **Description** The issue is related to the autoindex module's incorrect handling of years exceeding four digits, which can cause an integer overflow. This can be triggered by a file with a modification date in the distant past or future. The exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For NGINX versions prior to 1.13.6, update to version 1.13.6 or later to resolve the issue. As a temporary workaround, consider disabling the autoindex module until a patch is available. Restrict access to the autoindex module to minimize the risk of exploitation.