Lucene search
K

111 matches found

Cvelist
Cvelist
added 2025/04/22 12:0 a.m.11 views

CVE-2024-33452

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...

0.00668EPSS
Exploits1References2
OSV
OSV
added 2025/04/22 12:0 a.m.5 views

CVE-2024-33452

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...

7.7CVSS6.7AI score0.00668EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.4 views

OpenResty lua-nginx-module 安全漏洞

OpenResty lua-nginx-module is an OpenResty USA open source component for integrating the Lua scripting language into Nginx servers. A security vulnerability exists in OpenResty lua-nginx-module v0.10.26 and earlier versions, which stems from a specially crafted HEAD request that results in an...

7.7CVSS7.1AI score0.00668EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/04/22 12:0 a.m.14 views

CVE-2024-33452

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...

7.1AI score0.00668EPSS
Exploits1References2
CVE
CVE
added 2025/04/22 12:0 a.m.102 views

CVE-2024-33452

CVE-2024-33452 applies to OpenResty lua-nginx-module v0.10.26 and earlier, allowing HTTP request smuggling via a crafted HEAD request. Connected sources confirm the issue in the lua-nginx-module (OpenResty) and note a patch path via vendor advisories: Debian’s DLA-4228-1 fixes nginx/libnginx-mod-...

7.7CVSS7.1AI score0.00668EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2025/04/22 12:0 a.m.5 views

CVE-2024-33452

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...

7.7CVSS7.5AI score0.00668EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2025/04/16 12:0 a.m.15 views

The vulnerability of the lua-nginx-module in NGINX web servers, related to inconsistent interpretation of HTTP requests, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the lua-nginx-module in NGINX web servers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...

7.5CVSS7.2AI score0.00668EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/03/26 2:24 p.m.10 views

Moderate: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.7CVSS6.7AI score0.0032EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/26 2:9 p.m.10 views

nginx: specially crafted MP4 file may cause denial of service

A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...

5.7CVSS7.5AI score0.0032EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/03/09 12:0 a.m.9 views

PT-2025-11679 · Openresty +1 · Lua-Nginx-Module +2

Name of the Vulnerable Software and Affected Versions: OpenResty/lua-nginx-module affected versions not specified Description: The issue concerns HTTP Request Smuggling in HEAD requests. When handling HTTP/1.1 requests, the lua-nginx-module incorrectly parses HEAD requests with a body, treating t...

7.7CVSS5.3AI score0.01313EPSS
Exploits1References31
Fedora
Fedora
added 2025/02/15 2:37 a.m.14 views

[SECURITY] Fedora 41 Update: nginx-mod-vts-0.2.3-3.fc41

Nginx virtual host traffic status module...

5.3CVSS6.9AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:37 a.m.14 views

[SECURITY] Fedora 41 Update: nginx-mod-naxsi-1.6-9.fc41

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

5.3CVSS6.9AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:37 a.m.18 views

[SECURITY] Fedora 41 Update: nginx-mod-modsecurity-1.0.3-16.fc41

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

5.3CVSS6.8AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:37 a.m.11 views

[SECURITY] Fedora 41 Update: nginx-mod-fancyindex-0.5.2-10.fc41

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

5.3CVSS6.4AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:23 a.m.12 views

[SECURITY] Fedora 40 Update: nginx-mod-modsecurity-1.0.3-16.fc40

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

5.3CVSS6.8AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:23 a.m.15 views

[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-8.fc40

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

5.3CVSS6.4AI score0.02646EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:23 a.m.16 views

[SECURITY] Fedora 40 Update: nginx-mod-naxsi-1.6-9.fc40

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

5.3CVSS6.9AI score0.02646EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.3 views

NGINX MP4 module vulnerability

...

5.7CVSS6.7AI score0.0032EPSS
Exploits0
Fedora
Fedora
added 2024/08/26 1:31 a.m.21 views

[SECURITY] Fedora 39 Update: nginx-mod-naxsi-1.6-6.fc39

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

5.7CVSS4.7AI score0.0032EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/06/05 12:0 a.m.6 views

The vulnerability of the HTTP/3 QUIC module (ngx_http_v3_module) in NGINX Plus and NGINX OSS web servers allows a attacker to cause a service failure.

The vulnerability of the HTTP/3 QUIC module ngxhttpv3module in NGINX Plus and NGINX OSS servers is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted HTTP/3 requests...

6.5CVSS6.9AI score0.00872EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder