Proof-of-concept exploit release: nginx mp4 module DoS & Infoleak Vulnerability (2018) by @alisaesage.
Proof-of-concept exploit that demonstrates an out of bounds read in nginx v1.15.5 heap. This can be worked up to an information disclosure exploit with a bit of extra work. The bug itself, and potentially the exploit, affects earlier nginx versions to some extent.
https://zerodayengineering.com/exploits/nginx-mp4-infoleak.html
https://t.me/cKure/11351