Out-of-Bounds Write Vulnerability in OpenResty Web Platform
CVE-2026-55233
7.5HIGH
What is CVE-2026-55233?
An out-of-bounds write vulnerability exists in the upstream PROXY protocol version 2 implementation of OpenResty. This issue occurs when OpenResty is set to transmit PROXY protocol v2 headers to upstream servers, enabling the potential for an attacker to craft malformed headers. This can lead to writes beyond allocated buffer limits, causing crashes in the worker process and resulting in denial of service. Affected versions include 1.29.2.1 through 1.29.2.4, with the vulnerability addressed in version 1.29.2.5. Only configurations that specifically allow PROXY protocol v2 for upstream connections are impacted.
Affected Version(s)
openresty >= 1.29.2.1, < 1.29.2.5
