26 matches found
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2025-23419
CVE-2025-23419 affects nginx where multiple server blocks share an IP/port and an attacker can reuse TLS session tickets or the SSL session cache to bypass client certificate authentication on the default server. The issue stems from how session resumption is handled when the default server perfo...
CVE-2026-1642
The CVE-2026-1642 entry describes a vulnerability in NGINX OSS and NGINX Plus when configured to proxy to upstream TLS servers. Under a MITM position on the upstream side and conditions outside the attacker’s control, an attacker may inject plain text data into the response from an upstream proxi...
CVE-2024-7347
NGINX/Open Source and Plus are vulnerable when built with ngx_http_mp4_module and the mp4 directive is used; a specially crafted MP4 file can over-read worker memory, potentially terminating the process. Affected versions vary by distribution; several advisories indicate patches are available. Fo...
CVE-2024-24989
CVE-2024-24989 affects NGINX Plus and NGINX Open Source when configured with the HTTP/3 QUIC module. The underlying issue is in the HTTP/3 QUIC module, which can cause NGINX worker processes to terminate, yielding a denial-of-service condition. The vulnerability is tied to the HTTP/3 QUIC module ...
CVE-2026-27654
The CVE-2026-27654 entry affects NGINX Open Source and NGINX Plus via the ngx_http_dav_module. The issue is a buffer overflow that can cause the NGINX worker process to terminate or modify source/destination file names outside the document root. It is triggered when the DAV module MOVE or COPY me...
CVE-2024-24990
Summary of CVE-2024-24990 (NGINX HTTP/3 QUIC): The issue affects NGINX Plus and NGINX Open Source when the HTTP/3 QUIC module is enabled. Undisclosed requests can trigger a denial-of-service by causing NGINX worker processes to terminate. In practice, this is a data-plane DoS with no control-plan...
CVE-2024-31079
CVE-2024-31079 affects NGINX Plus and NGINX Open Source when using the HTTP/3 QUIC module (ngx_http_v3_module). The underlying issue is triggered by undisclosed HTTP/3 requests timed during the connection draining process, causing worker processes to terminate or similar impact. Exploitation stat...
CVE-2024-32760
CVE-2024-32760 affects NGINX Plus and NGINX Open Source when using the HTTP/3 QUIC module (ngx_http_v3_module). The root cause is undisclosed or unspecified HTTP/3 encoder instructions that can cause NGINX worker processes to terminate, leading to DoS or other impact. Observed impact in the conne...
CVE-2026-42945
CVE-2026-42945 affects NGINX Open Source and NGINX Plus via the ngx_http_rewrite_module when a rewrite/if/set directive is followed by a PCRE capture and a replacement containing a question mark. This can cause a heap buffer overflow in the worker process and, on systems with ASLR disabled, poten...
CVE-2026-32647
Summary: NGINX Open Source and NGNIX Plus may be affected when built with the ngx_http_mp4_module and using the mp4 directive. The issue is a vulnerability in the module that can trigger a buffer over-read or over-write in the worker memory, potentially terminating the worker or enabling code exe...
CVE-2024-35200
CVE-2024-35200 affects NGINX Plus and NGINX Open Source when the HTTP/3 QUIC module (ngx_http_v3_module) is enabled. The underlying issue causes NGINX worker processes to terminate after undisclosed HTTP/3 requests, resulting in a denial-of-service. Affected versions (per connected advisories) in...
CVE-2024-34161
CVE-2024-34161 affects NGINX Plus and NGINX Open Source when using the HTTP/3 QUIC module with MTU 4096+ without fragmentation. The root cause is in the HTTP/3 QUIC module (ngx_http_v3_module) handling QUIC packets, which can cause leakage of previously freed memory in NGINX worker processes. The...
CVE-2026-9256
NGINX Plus and NGINX Open Source expose a vulnerability in the ngx_http_rewrite_module when a rewrite directive uses distinct, overlapping PCRE captures (e.g., ^/((.*))$) and the replacement references multiple captures (e.g., $1$2) in redirects or arguments. An unauthenticated attacker can send ...
CVE-2026-42055
CVE-2026-42055 affects NGINX Plus and NGINX Open Source via the ngx_http_proxy_v2_module and ngx_http_grpc_module. A remote, unauthenticated attacker can exploit scenarios where proxy_http_version 2 or grpc_pass is used, ignore_invalid_headers is off, and large_client_header_buffers is set to mul...
CVE-2026-48142
CVE-2026-48142 affects the ngx_http_charset_module in NGINX Plus and NGINX Open Source. When a location block uses both source_charset utf-8 and a charset directive (e.g., charset koi8-r), remote unauthenticated attackers can trigger a heap buffer over-read in the NGINX worker process, causing me...
CVE-2026-27651
CVE-2026-27651 affects the ngx_mail_auth_http_module in NGINX Plus and NGINX Open Source. When CRAM-MD5 or APOP authentication is enabled and the authentication server indicates a retry by returning the Auth-Wait header, undisclosed requests can cause worker processes to terminate. This is the st...
CVE-2025-53859
Technical details about CVE-2025-53859 are not provided in the connected documents. The initial description notes an over-read in NGINX SMTP authentication, but no technical specifics are included here. Monitor for updates.
CVE-2024-39792
CVE-2024-39792 : NGINX Plus configured with the MQTT pre-read module may cause memory resource exhaustion from undisclosed requests, leading to denial of service. The description notes that versions past EoTS are not evaluated. No exploits or mitigations are provided in the sources beyond this vu...
CVE-2022-41743
The CVE-2022-41743 issue affects NGINX Plus versions R27 P1 and R26 P1 with the ngx_http_hls_module. A local attacker could trigger processing of a specially crafted audio/video file to corrupt NGINX worker memory, causing a crash or other impact. Exploitation is Local, requires low privileges, n...
CVE-2026-40460
CVE-2026-40460 affects NGINX Plus ngx_quic_module and NGINX Open Source when HTTP/3 QUIC is enabled. An attacker could spoof the source IP to bypass authorization or rate limiting, potentially enabling unauthorized access or DoS. Remediation per the connected advisory: upgrade to vulnerable-produ...
CVE-2026-42934
The CVE-2026-42934 entry concerns NGINX Plus and NGINX Open Source with a vulnerability in the ngx_http_charset_module. When charset, source_charset, and charset_map are configured together with proxy_pass having buffering disabled, unauthenticated attackers can trigger a heap buffer over-read in...
CVE-2026-40701
The CVE-2026-40701 entry concerns NGINX’s ngx_http_ssl_module where enabling ssl_verify_client (on/optional) with ssl_ocsp (on) or leaf resolver configurations can cause a heap-use-after-free in the NGINX worker process. Impact is limited data modification or worker restart. Affected products inc...
CVE-2026-28753
CVE-2026-28753 affects NGINX Plus and NGINX Open Source through the ngx_mail_smtp_module. The vulnerability arises from improper handling of CRLF sequences in DNS responses, which could allow an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, enabling poten...
CVE-2026-42946
A vulnerability CVE-2026-42946 affects the NGINX ngx_http_scgi_module and ngx_http_uwsgi_module. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with MITM control over upstream responses may trigger excessive memory allocation or an out-of-bounds read in the NGINX worker, ...
CVE-2026-28755
CVE-2026-28755 affects both NGINX Plus and NGINX Open Source via the ngx_stream_ssl_module . The vulnerability arises from improper handling of revoked certificates when ssl_verify_client is enabled and ssl_ocsp is on, causing the TLS handshake to succeed even after an OCSP revocation check ident...