参照: Official alpine advisory, NVD, CVE.org · CVE 詳細
Freshness: no update timestamp found; verify against the upstream OS advisory manually.
CVE-2017-20005: 1 source package rows (nginx); 5 state rows across 5 repos (3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 0, open 5.
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.