UBUNTU-CVE-2019-20372

NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

CVE-2019-20372

NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

CVE-2019-20372

NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

CVE-2019-20372

NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

CVE-2019-20372

NGINX (on Amazon Linux 2) is affected by CVE-2019-20372 when configured with certain error_page settings, enabling HTTP request smuggling. The Amazon Linux 2 ALAS advisory ALAS2NGINX1-2023-004 confirms vulnerable 1.17.x/older configurations and provides patched packages: nginx 1.18.0 and related ...

openSUSE: Security Advisory for nginx (openSUSE-SU-2019:2120-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for rmt-server (openSUSE-SU-2019:1824-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2020-6649

Name of the Vulnerable Software and Affected Versions NGINX versions prior to 1.17.7 Description The issue is related to HTTP request smuggling in NGINX, which can be exploited by an attacker to read unauthorized web pages, particularly in environments where NGINX is fronted by a load balancer...

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-9516, CVE-2019-9515, CVE-2019-9517, CVE-2019-9518, CVE-2019-9511, CVE-2019-9513 in nginx Vulnerability Details CVEID: CVE-2019-9516 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The...

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Vulnerability CVE-2019-9512, CVE-2019-9514 in nginx Vulnerability Details CVEID: CVE-2019-9512 DESCRIPTION: Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to buil...

The vulnerability of the NGINX component of the SoftNAS Cloud storage solution allows a hacker to gain unauthorized access to the Webadmin interface.

The vulnerability of the NGINX component of the SoftNAS Cloud storage solution is related to insufficient checking of arguments passed in the command. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the Webadmin interface...

Security Bulletin: Multiple Vulnerabilities in Nginx affects IBM Watson Studio Local

Summary Multiple Vulnerabilities in Nginx affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-13067 DESCRIPTION: njs through 0.3.3, used in NGINX, has a buffer over-read in nxtutf8decode in nxt/nxtutf8.c. This issue occurs after the fix for CVE-2019-12207 is in place. CVSS Base...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not specified, but the repository includes various vulnerable environments based on Docker-Compose, such as flask/ssti, httpd/apacheparsingvulnerability, and nginx/nginxparsingvulnerability. The...

NGINX office in Moscow raided by police

By Waqas Russian authorities have raided NGINX offices in Moscow over a complaint filed by Rambler. Here's what happened: This is a post from HackRead.com Read the original post: NGINX office in Moscow raided by police...

vulhub123

It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is not...

Russian Police Raided NGINX Moscow Office, Detained Co-Founders

Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...

Russian Police Raided NGINX Moscow Office, Detained Co-Founders

Seems like Rambler filled copyright claim to @isysoev regarding @nginx, nginx office under police raid unconfirmed. Originally posted by @igorippolitov , but somebody asked him to remove his post. pic.twitter.com/76mBNtV31G...

NGINX -- HTTP request smuggling

NGINX Team reports: NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

MGASA-2019-0342 Updated nginx packages fix security vulnerabilities

Updated nginx packages fix security vulnerabilities: When using HTTP/2 a client might cause excessive memory consumption and CPU usage CVE-2019-9511, CVE-2019-9513, CVE-2019-9516...

Updated nginx packages fix security vulnerabilities

Updated nginx packages fix security vulnerabilities: When using HTTP/2 a client might cause excessive memory consumption and CPU usage CVE-2019-9511, CVE-2019-9513, CVE-2019-9516...