nginx

Direct Vulnerabilities

Known vulnerabilities in the nginx package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M Integer Overflow or Wraparound	<1.28.3-r0
H Out-of-bounds Read	<1.28.3-r0
M Incorrect Authorization	<1.28.3-r0
H NULL Pointer Dereference	<1.28.3-r0
H Heap-based Buffer Overflow	<1.28.3-r0
L CRLF Injection	<1.28.3-r0
M Insufficient Verification of Data Authenticity	<1.28.2-r0
L Out-of-bounds Read	<1.28.2-r0
L Incorrect Authorization	<1.26.3-r0
C Out-of-Bounds	<1.20.2-r2
M Allocation of Resources Without Limits or Throttling	<1.16.1-r0
H CVE-2021-46462	<1.20.2-r2
H Resource Exhaustion	<1.16.1-r0
H CVE-2023-44487	<1.24.0-r12
M Out-of-bounds Read	<1.26.2-r0
H Resource Exhaustion	<1.14.1-r0
C Use After Free	<1.20.2-r2
C Access of Resource Using Incompatible Type ('Type Confusion')	<1.20.2-r2
H Out-of-bounds Write	<1.22.1-r0
H Out-of-bounds Write	<1.22.1-r0
M HTTP Request Smuggling	<1.16.1-r6
H Allocation of Resources Without Limits or Throttling	<1.16.1-r0
H Resource Exhaustion	<1.14.1-r0
H Improper Certificate Validation	<1.20.1-r1
H Off-by-one Error	<1.20.1-r0
M Resource Exhaustion	<1.14.1-r0
H Integer Overflow or Wraparound	<1.12.1-r0