VuXML ID | Description |
29194cb8-6e9f-11e1-8376-f0def16c5c1b | nginx -- potential information leak
nginx development team reports:
Matthew Daley recently discovered a security problem
which may lead to a disclosure of previously freed memory
on specially crafted response from an upstream server,
potentially resulting in sensitive information leak.
Discovery 2012-03-15 Entry 2012-03-15 nginx
< 1.0.14,1
nginx-devel
< 1.1.17
http://nginx.net/CHANGES
|
84ca56be-e1de-11e8-bcfd-00e04c1ea73d | NGINX -- Multiple vulnerabilities
NGINX Team reports:
Two security issues were identified in nginx HTTP/2 implementation,
which might cause excessive memory consumption (CVE-2018-16843)
and CPU usage (CVE-2018-16844).
The issues affect nginx compiled with the ngx_http_v2_module (not
compiled by default) if the "http2" option of the "listen" directive is
used in a configuration file.
A security issue was identified in the ngx_http_mp4_module, which might
allow an attacker to cause infinite loop in a worker process, cause a
worker process crash, or might result in worker process memory
isclosure by using a specially crafted mp4 file (CVE-2018-16845).
The issue only affects nginx if it is built with the ngx_http_mp4_module
(the module is not built by default) and the "mp4" directive is used in
the configuration file. Further, the attack is only possible if an
attacker is able to trigger processing of a specially crafted mp4 file
with the ngx_http_mp4_module.
Discovery 2018-11-06 Entry 2018-11-06 nginx
< 1.14.1
nginx-devel
< 1.15.6
http://nginx.org/en/security_advisories.html
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
|
87679fcb-be60-11e9-9051-4c72b94353b5 | NGINX -- Multiple vulnerabilities
NGINX Team reports:
Several security issues were identified in nginx HTTP/2
implementation which might cause excessive memory consumption
and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).
The issues affect nginx compiled with the ngx_http_v2_module (not
compiled by default) if the http2 option of the listen directive
is used in a configuration file.
Discovery 2019-08-13 Entry 2019-08-14 Modified 2019-08-14 nginx
< 1.16.1,2
nginx-devel
< 1.17.3
http://nginx.org/en/security_advisories.html
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
|
c1202de8-4b29-11ea-9673-4c72b94353b5 | NGINX -- HTTP request smuggling
NGINX Team reports:
NGINX before 1.17.7, with certain error_page configurations, allows HTTP
request smuggling, as demonstrated by the ability of an attacker to read
unauthorized web pages in environments where NGINX is being fronted by a
load balancer.
Discovery 2019-12-10 Entry 2020-02-09 nginx
< 1.16.1_11,2
nginx-devel
< 1.17.7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
CVE-2019-20372
|
676d4f16-4fb3-11ed-a374-8c164567ca3c | nginx -- Two vulnerabilities
NGINX Development Team reports:
Two security issues were identified in the ngx_http_mp4_module,
which might allow an attacker to cause a worker process crash
or worker process memory disclosure by using a specially crafted
mp4 file, or might have potential other impact (CVE-2022-41741,
CVE-2022-41742).
Discovery 2022-10-19 Entry 2022-10-19 nginx
ge 1.0.7 lt 1.22.1
nginx-devel
ge 1.1.3 lt 1.23.2
CVE-2022-41741
CVE-2022-41742
https://mailman.nginx.org/archives/list/nginx@nginx.org/thread/F7TMIHDNNU3M52GYS23UWDWW2R2BLVVH/
|
77b784bb-3dc6-11e4-b191-f0def16c5c1b | nginx -- inject commands into SSL session vulnerability
The nginx project reports:
Security: it was possible to reuse SSL sessions in unrelated contexts
if a shared SSL session cache or the same TLS session ticket key was
used for multiple "server" blocks (CVE-2014-3616).
Discovery 2014-09-16 Entry 2014-09-16 nginx
ge 0.6.0 lt 1.6.2,2
nginx-devel
ge 0.5.6 lt 1.7.5
CVE-2014-3616
http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
|
fc28df92-b233-11e3-99ca-f0def16c5c1b | nginx -- SPDY heap buffer overflow
The nginx project reports:
A bug in the experimental SPDY implementation in nginx was found, which
might allow an attacker to cause a heap memory buffer overflow in a
worker process by using a specially crafted request, potentially
resulting in arbitrary code execution (CVE-2014-0133).
The problem affects nginx 1.3.15 - 1.5.11, compiled with the
ngx_http_spdy_module module (which is not compiled by default) and
without --with-debug configure option, if the "spdy" option of the
"listen" directive is used in a configuration file.
The problem is fixed in nginx 1.5.12, 1.4.7.
Discovery 2014-03-18 Entry 2014-03-23 nginx
< 1.4.7
CVE-2014-0133
http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
|
94b6264a-5140-11e3-8b22-f0def16c5c1b | nginx -- Request line parsing vulnerability
The nginx project reports:
Ivan Fratric of the Google Security Team discovered a bug in nginx, which might
allow an attacker to bypass security restrictions in certain configurations by
using a specially crafted request, or might have potential other impact
(CVE-2013-4547).
Discovery 2013-11-19 Entry 2013-11-19 nginx
ge 0.8.41 lt 1.4.4,1
nginx-devel
ge 0.8.41 lt 1.5.7
CVE-2013-4547
http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html
|
c1c18ee1-c711-11e5-96d6-14dae9d210b8 | nginx -- multiple vulnerabilities
Maxim Dounin reports:
Several problems in nginx resolver were identified, which
might allow an attacker to cause worker process crash, or might have
potential other impact if the "resolver" directive
is used in a configuration file.
Discovery 2016-01-26 Entry 2016-01-30 nginx
< 1.8.1,2
nginx-devel
< 1.9.10
http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
CVE-2016-0742
CVE-2016-0746
CVE-2016-0747
|
0882f019-bd60-11eb-9bdd-8c164567ca3c | NGINX -- 1-byte memory overwrite in resolver
NGINX team reports:
1-byte memory overwrite might occur during DNS server response
processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server
to cause worker process crash or, potentially, arbitrary code
execution.
Discovery 2021-05-25 Entry 2021-05-25 nginx
< 1.20.1,2
nginx-devel
< 1.21.0
CVE-2021-23017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
|
b28adc5b-6693-11e7-ad43-f0def16c5c1b | nginx -- a specially crafted request might result in an integer overflow
Maxim Dounin reports:
A security issue was identified in nginx range filter. A specially
crafted request might result in an integer overflow and incorrect
processing of ranges, potentially resulting in sensitive information
leak (CVE-2017-7529).
Discovery 2017-07-11 Entry 2017-07-11 nginx
ge 0.5.6 lt 1.12.1,2
nginx-devel
ge 0.5.6 lt 1.13.3
http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
CVE-2017-7529
|