Paragon-neo: nginx implementation

Owned by Billy Marshall
Mar 22, 2022
1 min read

There is a CVE identified that affects versions of nginx prior to 1.20.x - https://support.f5.com/csp/article/K12331123. Vulnerability scanners may identify this as a potential issue for Paragon-neo.

 

As per that page, This vulnerability is present only if one or more resolver directives have been configured. By default, no resolvers are configured.

 

The implementation of nginx in Paragon-neo does not have any resolvers configured, and therefore is not vulnerable to this issue.