105 matches found
Fedora 42 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2026-38623b4fed)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-38623b4fed advisory. nginx-mod-vts: - Rebuild for 1.30.1 nginx-mod-fancyindex: - Rebuild for 1.30.1 nginx-mod-naxsi: - Rebuild for 1.30.1 nginx-mod-headers-more: - Rebui...
[SECURITY] Fedora 44 Update: nginx-mod-modsecurity-1.0.4-8.fc44
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
[SECURITY] Fedora 44 Update: nginx-mod-vts-0.2.4-7.fc44
Nginx virtual host traffic status module...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...
ANT-2026-VS18SA90 · nginx · Arbitrary File Write
arbitrary-file-write critical CVE-2026-27654 Severity Claude critical · Security research firm critical · Maintainer - Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-VS18SA90: unauthenticated remot...
Linux Distros Unpatched Vulnerability : CVE-2026-28755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxstreamsslmodule module due to the improper handling of revoked certificates when configured with...
CVE-2026-28755
A flaw was found in NGINX, specifically within its ngxstreamsslmodule. When NGINX is configured to verify client certificates and use the Online Certificate Status Protocol OCSP for revocation checks, it fails to properly enforce the revocation status. This allows a Transport Layer Security TLS...
ALPINE-CVE-2026-27651
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-27651
CVE-2026-27651 affects the ngx_mail_auth_http_module in NGINX Plus and NGINX Open Source. When CRAM-MD5 or APOP authentication is enabled and the authentication server indicates a retry by returning the Auth-Wait header, undisclosed requests can cause worker processes to terminate. This is the st...
F5 NGINX Open Source 输入验证错误漏洞
F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway provided by the F5 company. The 32-bit version of F5 NGINX Open Source has a vulnerability related to input validation errors. This vulnerability stems from issues with out-of-bound reading...
Linux Distros Unpatched Vulnerability : CVE-2026-27651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue ma...
PT-2026-27429
Name of the Vulnerable Software and Affected Versions NGINX Open Source affected versions not specified NGINX Plus affected versions not specified Description When the ngx mail auth http module module is enabled, certain undisclosed requests can lead to the termination of worker processes. This...
ANT-2026-HY56VRSB · nginx · Heap
heap-buffer-overflow high CVE-2026-27654 Severity Claude high · Security research firm - · Maintainer - Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-HY56VRSB: Heap buffer overflow in...
[SECURITY] Fedora 42 Update: nginx-mod-fancyindex-0.5.2-15.fc42
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
[SECURITY] Fedora 42 Update: nginx-mod-modsecurity-1.0.4-7.fc42
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
[SECURITY] Fedora 43 Update: nginx-mod-brotli-1.0.0~rc-6.fc43
NGINX module for Brotli compression...
[SECURITY] Fedora 42 Update: nginx-mod-modsecurity-1.0.4-5.fc42
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
[SECURITY] Fedora 42 Update: nginx-mod-naxsi-1.6-12.fc42
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...
[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-12.fc43
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...