10 matches found
TencentOS Server 4: nginx (TSSA-2026:0279)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0279 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Fedora 42 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8caa129b2e)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8caa129b2e advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...
Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8aa169ea14)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8aa169ea14 advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...
Fedora 44 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-530e10091c)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-530e10091c advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...
Mageia: Security Advisory (MGASA-2025-0245)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated nginx package fixes security vulnerability
It was discovered that nginx contains a security issue in the ngxmailsmtpmodule which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server CVE-2025-53859...
CVE-2025-53859 affecting package nginx for versions less than 1.22.1-14
CVE-2025-53859 affecting package nginx for versions less than 1.22.1-14. A patched version of the package is available...
OESA-2025-2089 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
Low: nginx
Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...