Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/06/17 2:4 p.m.18 views

CVE-2026-48142 NGINX ngx_http_charset_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When content is served or proxied through a location block with both sourcecharset utf-8; and a charset directive for example, charset koi8-r; configured, remote, unauthenticated attackers can send requests ...

6.3CVSS0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/21 5:0 p.m.15 views

CVE-2026-42934

A flaw was found in the ngxhttpcharsetmodule module of NGINX. When charset, sourcecharset, charsetmap and proxypass with disabled buffering "off" directives are configured, an unauthenticated attacker can send crafted requests and cause a heap-based buffer over-read in the worker process, resulti...

6.3CVSS6AI score0.00717EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/13 6:30 p.m.11 views

EUVD-2026-30008

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS5.9AI score0.00717EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 4:16 p.m.4 views

ALPINE-CVE-2026-42934

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS6.1AI score0.00717EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.10 views

CVE-2026-42934 NGINX ngx_http_charset_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS5.9AI score0.00717EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/13 2:12 p.m.14 views

CVE-2026-42934

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS6.1AI score0.00717EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:12 p.m.8 views

CVE-2026-42934

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS5.9AI score0.00717EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder