Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/03/17 10:41 a.m.3 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References5
NVD
NVD
added 2026/02/04 3:16 p.m.8 views

CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...

8.2CVSS0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 3:16 p.m.6 views

ALPINE-CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...

8.2CVSS5.4AI score0.00339EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 3:16 p.m.7 views

AZL-76745 CVE-2026-1642 affecting package nginx for versions less than 1.22.1-15

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/04 3:16 p.m.8 views

CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References4
Rows per page
Query Builder