Lucene search
+L

4 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-56434

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-56434 NGINX ngx_http_ssi_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS0.00387EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-60184

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A use-after-free issue exists in the ngx http ssi module module. This occurs when Server-Side Includes SSI, proxy pass, and proxy bufferin...

8.3CVSS5.2AI score0.00387EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2025/08/29 4:24 p.m.7 views

Versity panic induced by AWS chunked data sent to port

Sending AWS chunk data with no Content-Length HTTP header causes the panic, every time. Reproduction Setup versity server running on port 7071, no SSL for ease of packet tracing with tshark. Problem can be reproduced with or without SSL on the versity end. Use nginx to reverse proxy on port 7070...

7.1AI score
Exploits0References4Affected Software1
Rows per page
Query Builder