nginx:1.24 security update

An update is available for nginx, module.nginx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

RLSA-2026:18041 Critical: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

CLSA-2026-1779126860 nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures...

CLSA-2026-1779126256 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

CVE-2026-6735

A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...

[SECURITY] [DLA 4589-1] nginx security update

Debian LTS Advisory DLA-4589-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara May 18, 2026 https://wiki.debian.org/LTS Package : nginx Version : 1.18.0-6.1+deb11u6 CVE ID : CVE-2025-53859 CVE-2026-1642 CVE-2026-27651 CVE-2026-27654 CVE-2026-27784...

Exploit for CVE-2026-42945

CVE-2026-42945 Safe Checker This repository contains a defens...

CLEANSTART-2026-OB67529 Security fixes for CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 1.15.1-r0

Multiple security vulnerabilities affect the ingress-nginx-controller-1.15 package. These issues are resolved in later releases. See references for individual vulnerability details...

Critical: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

Critical: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

Critical: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Kwetsbaarheid verholpen in NGINX ngx_http_rewrite_module

NGINX has identified a vulnerability in the ngxhttprewritemodule, which is part of both the NGINX Plus and open-source versions of the software. The vulnerability involves a heap buffer overflow in the ngxhttprewritemodule, which is responsible for URL rewriting functionality. An attacker can...

CVE-2026-42945: Mitigating a Critical Heap Buffer Overflow Vulnerability in NGINX

Discover CVE-2026-42945 NGINX Rift, a critical heap buffer overflow vulnerability. Learn about the affected versions and critical patch updates...

Security update for nginx

This update for nginx fixes the following issues Security issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

SUSE-SU-2026:1953-1 Security update for nginx

This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784:...

Critical: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

Critical: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

RockyLinux 8 : nginx:1.24 (RLSA-2026:18041)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18041 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...