[SECURITY] Fedora 43 Update: nginx-mod-fancyindex-0.5.2-13.fc43

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 43 Update: nginx-mod-modsecurity-1.0.4-5.fc43

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 43 Update: nginx-mod-headers-more-0.39-4.fc43

This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

Fedora 42 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8caa129b2e)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8caa129b2e advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8aa169ea14)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8aa169ea14 advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

CVE-2025-62126

Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...

PT-2026-6052

Name of the Vulnerable Software and Affected Versions NGINX OSS and NGINX Plus affected versions not specified F5 BIG-IP affected versions not specified Description A flaw exists in NGINX OSS and NGINX Plus when used to proxy to upstream Transport Layer Security TLS servers. An attacker positione...

CVE-2025-62126

Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...

CVE-2025-62126 WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...

CVE-2025-62126 WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3...

EUVD-2025-206012

Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3...

CVE-2025-62126

CVE-2025-62126 affects Varnish/Nginx Proxy Caching (versions from n/a up to 1.8.3). Root cause: Insertion of Sensitive Information Into Sent Data, enabling exposure of embedded sensitive data via the proxy. Impact: sensitive information exposure via cached responses. Exploit details are not provi...

WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Varnish/Nginx Proxy Caching versions = 1.8.3...

PT-2025-54365

Name of the Vulnerable Software and Affected Versions Varnish/Nginx Proxy Caching versions through 1.8.3 Description A flaw exists in Varnish/Nginx Proxy Caching that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations...

Unity Linux 20.1070e Security Update: nginx (UTSA-2025-993314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993314 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

OESA-2025-2854 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled...

Fedora 44 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-530e10091c)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-530e10091c advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

Security Bulletin: Vulnerability in nginx affects IBM Netezza Appliance

Summary The nginx package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-23419 Vulnerability Details CVEID:CVE-2025-23419 DESCRIPTION: When multiple server blocks are configured to share the same IP address and port, an attacker can use session...

FreeBSD : traefik -- Inverted TLS Verification Logic in Kubernetes NGINX Provider (dc7e30db-de67-11f0-b893-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the dc7e30db-de67-11f0-b893-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik NGINX provider managing the...

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...