CVE-2025-23419 affecting package nginx for versions less than 1.22.1-13

CVE-2025-23419 affecting package nginx for versions less than 1.22.1-13. A patched version of the package is available...

[SECURITY] Fedora 41 Update: nginx-mod-vts-0.2.3-3.fc41

Nginx virtual host traffic status module...

[SECURITY] Fedora 41 Update: nginx-mod-naxsi-1.6-9.fc41

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

[SECURITY] Fedora 41 Update: nginx-mod-modsecurity-1.0.3-16.fc41

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 41 Update: nginx-mod-fancyindex-0.5.2-10.fc41

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 41 Update: nginx-1.26.3-1.fc41

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 40 Update: nginx-1.26.3-1.fc40

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-8.fc40

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 40 Update: nginx-mod-naxsi-1.6-9.fc40

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

[SECURITY] Fedora 40 Update: nginx-mod-modsecurity-1.0.3-16.fc40

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 40 Update: nginx-mod-vts-0.2.3-3.fc40

Nginx virtual host traffic status module...

Fedora 40 : nginx / nginx-mod-fancyindex / nginx-mod-modsecurity / etc (2025-016ed44ddc)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-016ed44ddc advisory. Changes with nginx 1.26.3 05 Feb 2025 Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different...

Fedora 41 : nginx / nginx-mod-fancyindex / nginx-mod-modsecurity / etc (2025-66ebd291f8)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-66ebd291f8 advisory. Changes with nginx 1.26.3 05 Feb 2025 Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different...

OESA-2025-1134 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication...

SUSE CVE-2024-7347

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...

SUSE CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108 , carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is...

Mageia: Security Advisory (MGASA-2025-0051)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated nginx packages fix security vulnerability

TLS Session Resumption Vulnerability. CVE-2025-23419...

MGASA-2025-0051 Updated nginx packages fix security vulnerability

TLS Session Resumption Vulnerability. CVE-2025-23419...