Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/18 12:0 a.m.3 views

The vulnerabilities of the ngx_http_scgi_module and ngx_http_uwsgi_module modules in NGINX Plus and NGINX Open Source web servers allow a attacker to perform a “man-in-the-middle” attack.

The vulnerability of the ngxhttpscgimodule and ngxhttpuwsgimodule modules in NGINX Plus and NGINX Open Source web servers is related to uncontrolled memory consumption. Exploiting this vulnerability can allow a remote attacker to perform a “man-in-the-middle” attack...

6.5CVSS6.1AI score0.00932EPSS
Exploits0References6Affected Software11
OSV
OSV
added 2026/05/13 4:16 p.m.9 views

ALPINE-CVE-2026-42946

A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When scgipass or uwsgipass is configured, an unauthenticated attacker with man-in-the-middle MITM ability to control responses from an upstream...

7.4CVSS6AI score0.00932EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 2:12 p.m.52 views

CVE-2026-42946

A vulnerability CVE-2026-42946 affects the NGINX ngx_http_scgi_module and ngx_http_uwsgi_module. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with MITM control over upstream responses may trigger excessive memory allocation or an out-of-bounds read in the NGINX worker, ...

8.3CVSS5.8AI score0.00932EPSS
Exploits0References1Affected Software7
Nginx
Nginx
added 2026/05/13 2:12 p.m.45 views

Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module

Buffer overread in the ngxhttpscgimodule and ngxhttpuwsgimodule Severity: medium CVE-2026-42946 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.8.42-1.30.0...

8.3CVSS5.8AI score0.00932EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder