11 matches found
Important: Red Hat Security Advisory: nginx:1.24 security, bug fix, and enhancement update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: nginx security, bug fix, and enhancement update
An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
OESA-2026-2801 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion ...
OESA-2026-2798 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion ...
[SECURITY] [DLA 4667-1] nginx security update
Debian LTS Advisory DLA-4667-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara July 03, 2026 https://wiki.debian.org/LTS Package : nginx Version : 1.22.1-9+deb12u9 CVE ID : CVE-2026-42055 CVE-2026-48142 Debian Bug : 1140359 1140361 Multiple...
Fedora 44 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2026-b8e751787c)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-b8e751787c advisory. nginx-mod-brotli: - Rebuild for 1.30.3 nginx-mod-fancyindex: - Rebuild for 1.30.3 nginx-mod-vts: - Rebuild for 1.30.3 nginx-mod-modsecurity: - Rebui...
CVE-2026-42055 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
UBUNTU-CVE-2026-42055
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...
nginx 1.13.10 < 1.30.3 / 1.31.x < 1.31.2 Buffer Overflow
The installed version of nginx is 1.13.10 prior to 1.30.3, or 1.31.x prior to 1.31.2. It is, therefore, affected by the following issue : - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the...
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed below - CVE-2026-42530 CVSS v4 score: 9.2 - A use-after-free vulnerability in the ngxhttpv3module that...
CVE-2026-42055
CVE-2026-42055 affects NGINX Plus and NGINX Open Source via the ngx_http_proxy_v2_module and ngx_http_grpc_module. A remote, unauthenticated attacker can exploit scenarios where proxy_http_version 2 or grpc_pass is used, ignore_invalid_headers is off, and large_client_header_buffers is set to mul...