CRE-2025-0053

NGINX Client Upload Size Limit ExceededMedium

Impact: 5/10

Mitigation: 3/10

CRE-2025-0053View on GitHub

NginxUpload LimitsConfiguration

Description

NGINX server is receiving upload requests with bodies that exceed the configured size limits. This occurs when clients attempt to send files or data that are larger than what the server is configured to accept.

Mitigation

- Increase the 'client_max_body_size' setting in the NGINX configuration to accommodate legitimate large uploads if appropriate - Add clear error messages to inform users about file size limitations - Implement frontend validations to prevent oversized upload attempts - Consider implementing chunked uploads for handling large files

References

• http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size