41 matches found
CVE-2021-23017
CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...
CVE-2019-9513
CVE-2019-9513 (and related HTTP/2 CVEs) affect nginx and nghttp2. The issues enable denial of service via HTTP/2 resource loops and priority/window manipulation, causing high CPU/memory usage. nginx 1.16.x and nghttp2 are specifically named in advisories; remediation is upgrading to fixed package...
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2018-16843
CVE-2018-16843 affects nginx before 1.15.6 and 1.14.1, where HTTP/2 implementation vulnerabilities in ngx_http_v2_module (if http2 is enabled) can cause excessive memory usage. Connected advisories also reference related CVEs (16844/16845) and show multiple distributions (Debian, Fedora/Red Hat, ...
CVE-2018-16844
CVE-2018-16844 affects nginx before versions 1.15.6 and 1.14.1 where HTTP/2 implementation can cause excessive CPU usage when nginx is built with the ngx_http_v2_module and the listen directive uses http2. The issue is triggered by HTTP/2 handling and is report-backed across multiple providers (D...
CVE-2018-16845
The CVE-2018-16845 issue affects nginx builds that include the ngx_http_mp4_module and the mp4 directive. Vulnerable are nginx versions earlier than 1.15.6 and 1.14.1 (when built with the module). The vulnerability arises from processing a specially crafted MP4 file, which could cause an infinite...
CVE-2019-20372
NGINX (on Amazon Linux 2) is affected by CVE-2019-20372 when configured with certain error_page settings, enabling HTTP request smuggling. The Amazon Linux 2 ALAS advisory ALAS2NGINX1-2023-004 confirms vulnerable 1.17.x/older configurations and provides patched packages: nginx 1.18.0 and related ...
CVE-2019-9511
CVE-2019-9511 is an HTTP/2 denial-of-service issue observed in multiple products where an attacker manipulates HTTP/2 window size and stream prioritization to force queuing of data in 1-byte chunks, potentially exhausting CPU/memory. Connected advisories confirm affected components include nginx ...
CVE-2021-3618
ALPACA (CVE-2021-3618) is an application-layer protocol content confusion attack affecting multiple assets (e.g., nginx, vsftpd, sendmail) where TLS servers configured for different protocols with compatible certificates can allow a MITM attacker to redirect subdomain traffic to another, potentia...
CVE-2019-9516
CVE-2019-9516 is an HTTP/2 header leak vulnerability affecting nginx and several Linux distributions. The issue occurs when an attacker sends streams with 0-length header names and values (optionally Huffman encoded), causing nginx to allocate memory for headers that may be kept until the session...
CVE-2017-7529
The CVE-2017-7529 entry concerns nginx’s range filter module. Affected software: nginx (and nginx-mainline in Arch advisories). Vulnerable component: the HTTP range/filter logic within nginx range filter/module. Root cause: integer overflow when processing crafted byte ranges, leading to informat...
CVE-2022-41741
Summary (CVE-2022-41741) : NGINX Open Source before 1.23.2 and 1.22.1, NGINX Open Source Subscription before R2 P1/R1 P1, and NGINX Plus before R27 P1/R26 P1, that are built with the ngx_http_mp4_module and have the mp4 directive enabled, are vulnerable to local memory corruption in the module. A...
CVE-2025-23419
CVE-2025-23419 affects nginx where multiple server blocks share an IP/port and an attacker can reuse TLS session tickets or the SSL session cache to bypass client certificate authentication on the default server. The issue stems from how session resumption is handled when the default server perfo...
CVE-2016-0746
CVE-2016-0746 is a use-after-free in nginx’s resolver when processing DNS CNAME responses. The issue affects nginx versions before 1.8.1 and 1.9.x before 1.9.10; exploitation could crash worker processes or yield other unspecified impacts. Remediation per connected docs: upgrade to non‑vulnerable...
CVE-2009-3555
CVE-2009-3555 concerns a TLS/SSL renegotiation flaw where renegotiation handshakes were not properly associated with the existing connection, enabling MITM data insertion in HTTPS and other TLS/SSL sessions (Project Mogul). Connected advisories show concrete mitigations and affected software: Pou...
CVE-2022-41742
CVE-2022-41742 affects NGINX ngx_http_mp4_module when mp4 is enabled; a crafted MP4 file can cause local memory disclosure or worker crashes. Affected: NGINX Open Source before 1.23.2 and 1.22.1, NGINX Open Source Subscription before R2 P1/R1 P1, and NGINX Plus before R27 P1/R26 P1. Root cause: p...
CVE-2017-20005
CVE-2017-20005 affects NGINX before 1.13.6. It is a buffer overflow in the autoindex module triggered by modification dates with years exceeding four digits (e.g., 1969 or far-future dates), caused by integer overflow. The CVSSv3.1 vector and score indicate CRITICAL severity. Remediation per sour...
CVE-2013-2070
The CVE concerns nginx proxying behavior and chunked transfer handling. Affected product: nginx with the proxy module/http parsing paths noted in CVE-2013-2070 (versions 1.1.4–1.2.8 and 1.3.0–1.4.0) when proxy_pass is used to untrusted upstream HTTP servers. Root cause: crafted proxy responses ca...
CVE-2013-2028
The CVE-2013-2028 issue affects nginx 1.3.9–1.4.0, where the ngx_http_parse_chunked function mishandles large chunk sizes in chunked Transfer-Encoding. The root cause is an integer signedness error that leads to a stack-based buffer overflow, enabling remote denial of service and potential code e...
CVE-2013-4547
CVE-2013-4547 affects nginx versions 0.8.41–1.4.3 and 1.5.x prior to 1.5.7. Root cause: an unescaped space character in a URI can bypass intended restrictions, enabling remote bypass of access controls as described in the entry. Impact: restriction bypass is possible; exploitation and mitigation ...
CVE-2016-1247
CVE-2016-1247 affects nginx products (Debian, Ubuntu, Gentoo) where older nginx binaries (e.g., Debian jessie <1.6.2-5+deb8u3; Ubuntu 14.04/16.04/16.10 < listed versions; Gentoo ebuild = 1.10.2 on Gentoo, 1.10.2-3 on Arch, newer upstream branches). An in-wild PoC exploit exists (logrotate-b...
CVE-2016-4450
CVE-2016-4450 – nginx denial of service via NULL pointer dereference . Affects nginx before 1.10.1 and 1.11.x before 1.11.1 when saving the client request body to a temporary file. A crafted request can crash a worker process, causing DoS. The underlying issue is a NULL pointer dereference in cod...
CVE-2014-0133
CVE-2014-0133 describes a heap-based buffer overflow in the SPDY implementation of nginx. The vulnerability affects nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12, where crafted requests can cause a remote code execution. The root cause is in the SPDY module (ngx_http_spdy_module) handling use...
CVE-2009-2629
CVE-2009-2629 affects the nginx HTTP server, originating from a buffer underflow in ngx_http_parse.c used when processing request URIs. Public sources in the provided documents specify that versions 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 are vulner...
CVE-2016-0742
The CVE-2016-0742 issue affects nginx resolver prior to 1.8.1 and 1.9.x prior to 1.9.10. A crafted UDP DNS response can trigger an invalid pointer dereference, crashing a worker process and causing a denial of service. Affected component: resolver in nginx; root cause: dereference of invalid poin...
CVE-2013-0337
CVE-2013-0337 affects nginx (likely 1.3.13 and earlier) where the default config leaves (1) access.log and (2) error.log world‑readable. This permits local users to read logs and disclose sensitive information. The root cause is insecure log file permissions in the default nginx configuration. Re...
CVE-2016-0747
The CVE-2016-0747 entry affects nginx rescanner behavior: the resolver in nginx (versions prior to 1.8.1 and 1.9.x prior to 1.9.10) does not properly limit CNAME resolution, allowing remote attackers to cause denial of service via excessive name-resolution work. Public details across multiple sou...
CVE-2009-4487
The CVE-2009-4487 issue affects nginx 0.7.64, where non-printable characters logged during HTTP requests can be exploited to alter a window title or potentially execute commands/overwrite files.根 The connected records confirm the vulnerability is real for nginx 0.7.64 and indicate remediation via...
CVE-2014-3616
CVE-2014-3616 affects nginx versions 0.5.6 through 1.7.4. The root cause is reuse of a shared SSL session cache or SSL session_ticket_key for multiple servers, allowing a remote attacker with sufficient privileges to perform a virtual host confusion by reusing a cached SSL session in an unrelated...
CVE-2009-3898
The CVE-2009-3898 issue affects nginx (Engine X) in the WebDAV module (src/http/modules/ngx_http_dav_module.c). A directory traversal flaw via the Destination header in COPY or MOVE can allow remote authenticated users to create or overwrite arbitrary files. Affected versions are nginx before 0.7...
CVE-2009-3896
CVE-2009-3896 affects nginx and its parsing path: the ngx_http_process_request_headers() function in ngx_http_parse.c can dereference a NULL pointer when handling long URIs, leading to denial of service via worker crash. The cited public sources (e.g., GLSA 201203-22) document multiple nginx vuln...
CVE-2010-4180
OpenSSL vulnerability CVE-2010-4180 affects OpenSSL versions before 0.9.8q and 1.0.x before 1.0.0c when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. The flaw allows remote attackers to modify the ciphersuite in the session cache, enabling a downgrade to an unintended cipher by sniffing net...
CVE-2011-4968
CVE-2011-4968 concerns the nginx http proxy module failing to verify the peer identity of the HTTPS origin server, enabling potential MITM attacks. The vulnerability is described as an information-security issue in the nginx proxy component where TLS peer verification is not performed for upstrea...
CVE-2011-4963
CVE-2011-4963 affects nginx on Windows: vulnerable in 1.3.x before 1.3.1 and 1.2.x before 1.2.1, where specially crafted requests can bypass access restrictions and reach restricted files using a trailing dot or certain "$index_allocation" sequences. Red Hat/OpenVAS/NVD entries corroborate the Wi...
CVE-2012-1180
CVE-2012-1180 affects nginx older branches: use-after-free in memory handling allows a remote HTTP server to obtain sensitive information from process memory via a crafted backend response in conjunction with a client request. Affected: nginx before 1.0.14 and 1.1.x before 1.1.17. Impact details ...
CVE-2010-2263
CVE-2010-2263 is an information-disclosure vulnerability in nginx where, on Windows, an attacker can obtain source code or unparsed files from the web root by appending ::$DATA to the URI. Affected: nginx 0.7.x before 0.7.66 and 0.8.x before 0.8.40. The issue is fixed in 0.7.66 and 0.8.40 release...
CVE-2014-3556
The CVE-2014-3556 entry affects nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4. The STARTTLS implementation in mail/ngx_mail_smtp_handler.c allows an MITM to inject commands into encrypted SMTP sessions by sending a cleartext command after TLS is established, due to insufficient I/O bu...
CVE-2011-4315
CVE-2011-4315 describes a heap-based buffer overflow in nginx’s DNS resolver path (core/ngx_resolver.c) that can be triggered by compression-pointer processing. Affected: nginx versions prior to 1.0.10. Impact stated across sources: remote resolvers may cause a denial of service (daemon crash) an...
CVE-2012-2089
The CVE-2012-2089 issue affects nginx and is caused by a buffer overflow in ngx_http_mp4_module.c when the mp4 directive is used. Affected versions are nginx 1.0.7–1.0.14 and 1.1.3–1.1.18, potentially leading to memory overwrite, denial of service, or remote code execution. Remediation in the con...
CVE-2014-0088
The CVE-2014-0088 issue affects nginx 1.5.10, where the SPDY-enabled ngx_http_spdy_module on 32-bit platforms allows remote code execution via a crafted request. The root cause is memory corruption in the SPDY module, leading to arbitrary code execution when processing crafted inputs. The vulnera...
CVE-2010-2266
Technical details about CVE-2010-2266 are not publicly provided in the connected documents. The available sources only reiterate the initial description; no affected versions, root cause, impact, or remediation are present.