Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 11:36 p.m.5 views

nginx: ngx_http_rewrite_module: code execution and denial of service

A flaw was found in the ngxhttprewritemodule module of NGINX. When a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures and a replacement string that references multiple such captures in a redirect or arguments context, an...

9.2CVSS6.6AI score0.04261EPSS
Exploits3References5
OSV
OSV
added 2026/06/01 11:47 a.m.34 views

BIT-NGINX-GATEWAY-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References4
Vulnrichment
Vulnrichment
added 2026/05/22 2:11 p.m.11 views

CVE-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References1
F5 Networks
F5 Networks
added 2026/05/22 1:48 p.m.101 views

K000161377: NGINX ngx_http_rewrite_module vulnerability CVE-2026-9256

Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a...

9.2CVSS6.3AI score0.04261EPSS
Exploits3Affected Software9
OSV
OSV
added 2026/05/21 12:49 p.m.6 views

CLSA-2026-1779367740 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References1
OSV
OSV
added 2026/05/18 5:44 p.m.5 views

CLSA-2026-1779126256 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

9.2CVSS5.9AI score0.61469EPSS
Exploits40References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.4 views

SUSE CVE-2003-0542

Multiple stack-based buffer overflows in 1 modalias and 2 modrewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service crash or execute arbitrary code via a regular expression with more than 9 captures...

7.2CVSS7.9AI score0.1273EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2004/01/14 1:12 p.m.4 views

security flaw

Multiple stack-based buffer overflows in 1 modalias and 2 modrewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service crash or execute arbitrary code via a regular expression with more than 9 captures...

7.2CVSS6.5AI score0.1273EPSS
Exploits0References4
Rows per page
Query Builder