Alibaba Cloud Linux 3 : 0137: nginx (ALINUX3-SA-2026:0137)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0137 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41741: NGINX Open Source before...

RHEL 9 : nginx:1.26 (RHSA-2026:6427)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6427 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

RHEL 10 : nginx (RHSA-2026:6311)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6311 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

RHEL 9 : nginx (RHSA-2026:6235)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6235 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

RHEL 9 : nginx (RHSA-2026:6182)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6182 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

AlmaLinux 9 : nginx (ALSA-2026:5599)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5599 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

Debian dsa-6131 : libnginx-mod-http-geoip - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6131 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6131-1 [email protected] https://www.debian.org/security/...

EUVD-2021-0135

Malware in sbrugna...

EUVD-2022-0156

Malicious code in bioql PyPI...

CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

varnish: remote clients may cause Varnish to assert and restart which could result in DoS

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss...

Varnish Cache Input Validation Error Vulnerability

Varnish Cache is a set of reverse web caching servers. An input validation error vulnerability exists in Varnish Cache that stems from communication with a TLS proxy using the PROXY v2 version of the protocol. An attacker can exploit this vulnerability to cause assertion failures and daemon...

Inspecting TLS Web Traffic - Part 1

In this series of blogs I'm going to talk about how the continued move towards all web traffic being encrypted has impacted enterprise security. In this blog I'm going to focus on the basics - what is encrypted web traffic and how can you proactively control this. TLS encryption is the de-facto...

Transparent Man-in-the-Middle TLS Proxy: ratched

ratched is a Man-in-the-Middle MitM proxy that specifically intercepts TLS connections. It is intended to be used in conjunction with the Linux iptables REDIRECT target; all connections that should be intercepted can be redirected to the local ratched port. Through the SOORIGINALDST sockopt,...