111 matches found
CVE-2024-33452
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...
CVE-2024-33452
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...
OpenResty lua-nginx-module 安全漏洞
OpenResty lua-nginx-module is an OpenResty USA open source component for integrating the Lua scripting language into Nginx servers. A security vulnerability exists in OpenResty lua-nginx-module v0.10.26 and earlier versions, which stems from a specially crafted HEAD request that results in an...
CVE-2024-33452
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...
CVE-2024-33452
CVE-2024-33452 applies to OpenResty lua-nginx-module v0.10.26 and earlier, allowing HTTP request smuggling via a crafted HEAD request. Connected sources confirm the issue in the lua-nginx-module (OpenResty) and note a patch path via vendor advisories: Debian’s DLA-4228-1 fixes nginx/libnginx-mod-...
CVE-2024-33452
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request...
The vulnerability of the lua-nginx-module in NGINX web servers, related to inconsistent interpretation of HTTP requests, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
The vulnerability of the lua-nginx-module in NGINX web servers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...
Moderate: Red Hat Security Advisory: nginx:1.24 security update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
nginx: specially crafted MP4 file may cause denial of service
A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...
PT-2025-11679 · Openresty +1 · Lua-Nginx-Module +2
Name of the Vulnerable Software and Affected Versions: OpenResty/lua-nginx-module affected versions not specified Description: The issue concerns HTTP Request Smuggling in HEAD requests. When handling HTTP/1.1 requests, the lua-nginx-module incorrectly parses HEAD requests with a body, treating t...
[SECURITY] Fedora 41 Update: nginx-mod-vts-0.2.3-3.fc41
Nginx virtual host traffic status module...
[SECURITY] Fedora 41 Update: nginx-mod-naxsi-1.6-9.fc41
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...
[SECURITY] Fedora 41 Update: nginx-mod-modsecurity-1.0.3-16.fc41
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
[SECURITY] Fedora 41 Update: nginx-mod-fancyindex-0.5.2-10.fc41
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
[SECURITY] Fedora 40 Update: nginx-mod-modsecurity-1.0.3-16.fc40
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-8.fc40
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
[SECURITY] Fedora 40 Update: nginx-mod-naxsi-1.6-9.fc40
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...
NGINX MP4 module vulnerability
...
[SECURITY] Fedora 39 Update: nginx-mod-naxsi-1.6-6.fc39
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...
The vulnerability of the HTTP/3 QUIC module (ngx_http_v3_module) in NGINX Plus and NGINX OSS web servers allows a attacker to cause a service failure.
The vulnerability of the HTTP/3 QUIC module ngxhttpv3module in NGINX Plus and NGINX OSS servers is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted HTTP/3 requests...