Back to overview

CVE-2026-55233

HIGH
7.5
CVSS 3.1
Description
OpenResty is a high performance web platform. From 1.29.2.1 to before 1.29.2.5, an out-of-bounds write vulnerability exists in the upstream PROXY protocol v2 implementation. When OpenResty is configured to send PROXY protocol version 2 headers to upstream servers, constructing the header in the stream proxy protocol v2 patch can write beyond the bounds of the allocated buffer, causing the worker process to crash and resulting in a denial of service. Only configurations that explicitly enable PROXY protocol v2 for upstream connections are impacted. This issue is fixed in version 1.29.2.5.

Metadata

CVE ID
CVE-2026-55233
State
PUBLISHED
Assigner
GitHub_M
Reserved
2026-06-16 16:44 UTC
Published
2026-07-10 19:59 UTC
Last updated
2026-07-10 19:59 UTC
Primary CWE
CWE-787
CWE-787: Out-of-bounds Write
Vendor / Product
openresty / openresty
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products (1)
VendorProductPlatformVersions
openresty openresty >= 1.29.2.1, < 1.29.2.5
Weakness (CWE)
CWESourceDescription
CWE-787 cna CWE-787: Out-of-bounds Write
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.5 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References (2)
Back to overview