Nginx · Nginx · CVE-2019-20372
**Name of the Vulnerable Software and Affected Versions**
NGINX versions prior to 1.17.7
**Description**
The issue is related to HTTP request smuggling in NGINX, which can be exploited by an attacker to read unauthorized web pages, particularly in environments where NGINX is fronted by a load balancer. This is due to insufficient handling of HTTP requests. The vulnerability can allow a remote attacker to gain unauthorized access to information.
**Recommendations**
For NGINX versions prior to 1.17.7, update to version 1.17.7 or later to resolve the issue.
For versions prior to 1.21.0, updating to version 1.21.0 can also address multiple related issues, including this one.