Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nginx/nginx@1.1.16

Type nginx

Namespace

Name nginx

Version 1.1.16

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.30.2

Latest_non_vulnerable_version 1.31.1

Affected_by_vulnerabilities

url VCID-3e7d-swjf-rqak

vulnerability_id VCID-3e7d-swjf-rqak

summary Buffer overread in the ngx_http_charset_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json

reference_url	https://my.f5.com/manage/s/article/K000161028
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000161028

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477066
reference_id	2477066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477066

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934
reference_id	CVE-2026-42934
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42934

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3e7d-swjf-rqak

url VCID-4357-m3y9-cueg

vulnerability_id VCID-4357-m3y9-cueg

summary Buffer overflow in the ngx_http_rewrite_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_url	https://my.f5.com/manage/s/article/K000161019
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000161019

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116
reference_id	2477116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945
reference_id	CVE-2026-42945
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945

reference_url	https://access.redhat.com/errata/RHSA-2026:17417
reference_id	RHSA-2026:17417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17417

reference_url	https://access.redhat.com/errata/RHSA-2026:17751
reference_id	RHSA-2026:17751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17751

reference_url	https://access.redhat.com/errata/RHSA-2026:17752
reference_id	RHSA-2026:17752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17752

reference_url	https://access.redhat.com/errata/RHSA-2026:17753
reference_id	RHSA-2026:17753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17753

reference_url	https://access.redhat.com/errata/RHSA-2026:17790
reference_id	RHSA-2026:17790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17790

reference_url	https://access.redhat.com/errata/RHSA-2026:17791
reference_id	RHSA-2026:17791
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17791

reference_url	https://access.redhat.com/errata/RHSA-2026:17792
reference_id	RHSA-2026:17792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17792

reference_url	https://access.redhat.com/errata/RHSA-2026:17793
reference_id	RHSA-2026:17793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17793

reference_url	https://access.redhat.com/errata/RHSA-2026:17794
reference_id	RHSA-2026:17794
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17794

reference_url	https://access.redhat.com/errata/RHSA-2026:18029
reference_id	RHSA-2026:18029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18029

reference_url	https://access.redhat.com/errata/RHSA-2026:18041
reference_id	RHSA-2026:18041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18041

reference_url	https://access.redhat.com/errata/RHSA-2026:18063
reference_id	RHSA-2026:18063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18063

reference_url	https://access.redhat.com/errata/RHSA-2026:19159
reference_id	RHSA-2026:19159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19159

reference_url	https://access.redhat.com/errata/RHSA-2026:19371
reference_id	RHSA-2026:19371
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19371

reference_url	https://access.redhat.com/errata/RHSA-2026:19372
reference_id	RHSA-2026:19372
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19372

reference_url	https://access.redhat.com/errata/RHSA-2026:19374
reference_id	RHSA-2026:19374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19374

reference_url	https://access.redhat.com/errata/RHSA-2026:20442
reference_id	RHSA-2026:20442
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20442

reference_url	https://access.redhat.com/errata/RHSA-2026:20444
reference_id	RHSA-2026:20444
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20444

reference_url	https://access.redhat.com/errata/RHSA-2026:21275
reference_id	RHSA-2026:21275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21275

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42945

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4357-m3y9-cueg

url VCID-4ad5-1v6d-a7ct

vulnerability_id VCID-4ad5-1v6d-a7ct

summary Buffer overread in the ngx_mail_smtp_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_url	https://my.f5.com/manage/s/article/K000152786
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000152786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138
reference_id	1111138
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238
reference_id	2388238
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859
reference_id	CVE-2025-53859
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

fixed_packages

url pkg:nginx/nginx@1.29.1

purl pkg:nginx/nginx@1.29.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yva-px8a-b3ch

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.1

aliases CVE-2025-53859

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ad5-1v6d-a7ct

url VCID-5k9f-43wt-vbbq

vulnerability_id VCID-5k9f-43wt-vbbq

summary Buffer overflow in the ngx_http_mp4_module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_id

reference_type

scores

value	0.05317
scoring_system	epss
scoring_elements	0.90209
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html

reference_url	https://nginx.org/download/patch.2012.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt

reference_url	https://nginx.org/download/patch.2012.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt.asc

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089
reference_id	CVE-2012-2089
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089

reference_url	https://security.gentoo.org/glsa/201206-07
reference_id	GLSA-201206-07
reference_type
scores
url	https://security.gentoo.org/glsa/201206-07

fixed_packages

url pkg:nginx/nginx@1.1.19

purl pkg:nginx/nginx@1.1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.19

aliases CVE-2012-2089

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5k9f-43wt-vbbq

url VCID-c43b-qk3v-5ufh

vulnerability_id VCID-c43b-qk3v-5ufh

summary Buffer overflow in the ngx_http_rewrite_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json

reference_url	https://my.f5.com/manage/s/article/K000161377
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000161377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339
reference_id	1137339
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2480746
reference_id	2480746
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2480746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-9256
reference_id	CVE-2026-9256
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-9256

reference_url	https://access.redhat.com/errata/RHSA-2026:20351
reference_id	RHSA-2026:20351
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20351

fixed_packages

url	pkg:nginx/nginx@1.30.2
purl	pkg:nginx/nginx@1.30.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.2

url	pkg:nginx/nginx@1.31.1
purl	pkg:nginx/nginx@1.31.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.1

aliases CVE-2026-9256

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c43b-qk3v-5ufh

url VCID-cy8z-cstx-57a7

vulnerability_id VCID-cy8z-cstx-57a7

summary Memory disclosure with specially crafted backend responses

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1180

reference_id

reference_type

scores

value	0.04101
scoring_system	epss
scoring_elements	0.8879
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1180

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html

reference_url	https://nginx.org/download/patch.2012.memory.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.memory.txt

reference_url	https://nginx.org/download/patch.2012.memory.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.memory.txt.asc

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137
reference_id	664137
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2012-1180
reference_id	CVE-2012-1180
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2012-1180

fixed_packages

url pkg:nginx/nginx@1.1.17

purl pkg:nginx/nginx@1.1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-5k9f-43wt-vbbq

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.17

aliases CVE-2012-1180

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy8z-cstx-57a7

url VCID-fbzu-yrfz-d7h5

vulnerability_id VCID-fbzu-yrfz-d7h5

summary Injection in auth_http and XCLIENT

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_url	https://my.f5.com/manage/s/article/K000160367
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000160367

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780
reference_id	2450780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753
reference_id	CVE-2026-28753
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-28753

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbzu-yrfz-d7h5

url VCID-jrtp-hg2y-ffaa

vulnerability_id VCID-jrtp-hg2y-ffaa

summary NULL pointer dereference while using CRAM-MD5 or APOP

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_url	https://my.f5.com/manage/s/article/K000160383
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000160383

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791
reference_id	2450791
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651
reference_id	CVE-2026-27651
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27651

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrtp-hg2y-ffaa

url VCID-r9jn-f9yb-vqet

vulnerability_id VCID-r9jn-f9yb-vqet

summary Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json

reference_url	https://my.f5.com/manage/s/article/K000161027
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000161027

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477132
reference_id	2477132
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477132

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946
reference_id	CVE-2026-42946
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42946

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9jn-f9yb-vqet

url VCID-rct6-4wt6-p3h2

vulnerability_id VCID-rct6-4wt6-p3h2

summary Buffer overflow in ngx_http_dav_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_url	https://my.f5.com/manage/s/article/K000160382
reference_id
reference_type
scores
url	https://my.f5.com/manage/s/article/K000160382

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776
reference_id	2450776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654
reference_id	CVE-2026-27654
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27654

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rct6-4wt6-p3h2

Fixing_vulnerabilities

Risk_score 3.7

Resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.16

Package Instance