Search for packages
| purl | pkg:deb/debian/nginx@0.7.67-3%2Bsqueeze3 |
| Next non-vulnerable version | 1.22.1-9+deb12u4 |
| Latest non-vulnerable version | 1.28.3-2 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-22cq-z7km-cfdc
Aliases: CVE-2025-23419 |
SSL session reuse vulnerability |
Affected by 7 other vulnerabilities. |
|
VCID-36pf-ddpb-3khs
Aliases: CVE-2020-11724 |
security update |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-3ysf-pvuu-47bs
Aliases: CVE-2019-20372 |
nginx: HTTP request smuggling in configurations with URL redirect used as error_page |
Affected by 13 other vulnerabilities. |
|
VCID-4mqa-bkha-kbaj
Aliases: CVE-2012-4929 |
security update |
Affected by 30 other vulnerabilities. |
|
VCID-64n7-ygvq-cfds
Aliases: CVE-2018-16843 |
Excessive memory usage in HTTP/2 |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-9hzg-r1fj-pubf
Aliases: CVE-2019-9513 |
Excessive CPU usage in HTTP/2 with priority changes |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-asr7-uwpu-a7a5
Aliases: CVE-2014-3556 |
STARTTLS command injection |
Affected by 25 other vulnerabilities. |
|
VCID-bana-j1wy-cfdy
Aliases: CVE-2018-16844 |
Excessive CPU usage in HTTP/2 |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-c4ta-jqmg-wfgf
Aliases: CVE-2024-33452 |
lua-nginx-module: HTTP request smuggling via a crafted HEAD request |
Affected by 7 other vulnerabilities. |
|
VCID-c9ym-ckeq-63dq
Aliases: CVE-2022-41741 |
Memory corruption in the ngx_http_mp4_module |
Affected by 13 other vulnerabilities. |
|
VCID-cbn4-utmp-n7ba
Aliases: CVE-2021-23017 |
1-byte memory overwrite in resolver |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-cjx4-a19z-xufq
Aliases: CVE-2017-7529 |
Integer overflow in the range filter |
Affected by 24 other vulnerabilities. Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-dmv4-ydq9-a7eq
Aliases: CVE-2019-9511 |
Excessive CPU usage in HTTP/2 with small window updates |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-e49f-y1ky-5yb4
Aliases: CVE-2016-0747 |
Insufficient limits of CNAME resolution in resolver |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-eb23-pd25-yqg3
Aliases: CVE-2024-7347 |
Buffer overread in the ngx_http_mp4_module |
Affected by 7 other vulnerabilities. |
|
VCID-fgaf-wqmd-gqf3
Aliases: CVE-2011-4968 |
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) |
Affected by 18 other vulnerabilities. |
|
VCID-jtgk-h6v6-2fgs
Aliases: CVE-2016-0746 |
Use-after-free during CNAME response processing in resolver |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-kcsp-h1s5-wbea
Aliases: CVE-2019-9516 |
Excessive memory usage in HTTP/2 with zero length headers |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-ktxc-d5t4-bkhg
Aliases: CVE-2011-4315 |
Buffer overflow in resolver |
Affected by 30 other vulnerabilities. |
|
VCID-m1y8-m8z6-kyg9
Aliases: CVE-2014-0133 |
SPDY heap buffer overflow |
Affected by 25 other vulnerabilities. |
|
VCID-m393-anc8-dfgf
Aliases: CVE-2012-2089 |
Buffer overflow in the ngx_http_mp4_module |
Affected by 30 other vulnerabilities. |
|
VCID-nckn-qkc8-t7ge
Aliases: CVE-2018-16845 |
Memory disclosure in the ngx_http_mp4_module |
Affected by 18 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-p933-hxvk-37bk
Aliases: CVE-2016-1247 |
Gentoo's NGINX ebuilds are vulnerable to privilege escalation due to the way log files are handled. |
Affected by 24 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-pmrf-dxst-p7a7
Aliases: CVE-2013-4547 |
Request line parsing vulnerability |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. |
|
VCID-qpfs-f882-gqd3
Aliases: CVE-2012-3380 |
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors. |
Affected by 30 other vulnerabilities. |
|
VCID-qzcz-zvv6-dyda
Aliases: CVE-2016-0742 |
Invalid pointer dereference in resolver |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-rsr7-p977-tycc
Aliases: CVE-2016-4450 |
NULL pointer dereference while writing client request body |
Affected by 24 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-u25m-v3f6-23dk
Aliases: CVE-2013-2070 |
Memory disclosure with specially crafted HTTP backend responses |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. |
|
VCID-u8aq-2qhu-gff5
Aliases: CVE-2021-3618 |
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication |
Affected by 13 other vulnerabilities. |
|
VCID-uqb5-ensa-8yht
Aliases: DSA-3701-2 nginx |
regression update |
Affected by 24 other vulnerabilities. |
|
VCID-wc3j-5xmu-kyex
Aliases: CVE-2022-41742 |
Memory disclosure in the ngx_http_mp4_module |
Affected by 13 other vulnerabilities. |
|
VCID-wsxq-wqqr-n3ey
Aliases: CVE-2012-1180 |
Memory disclosure with specially crafted backend responses |
Affected by 30 other vulnerabilities. |
|
VCID-x8ck-rceh-ukdw
Aliases: CVE-2014-3616 |
SSL session reuse vulnerability |
Affected by 30 other vulnerabilities. Affected by 25 other vulnerabilities. |
|
VCID-y3tg-7fge-1yfy
Aliases: CVE-2020-36309 |
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. |
Affected by 7 other vulnerabilities. |
|
VCID-yu2j-f4q9-bbcx
Aliases: CVE-2017-20005 |
nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years |
Affected by 13 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g39b-k8vv-kyaq | Null pointer dereference vulnerability |
CVE-2009-3896
|
| VCID-jau7-gfz8-dkfa | The renegotiation vulnerability in SSL protocol |
CVE-2009-3555
GHSA-f7w7-6pjc-wwm6 VU#120541 |
| VCID-mhdp-u59y-2kgw | Buffer underflow vulnerability |
CVE-2009-2629
VU#180065 |
| VCID-t6gs-g1cq-hqem | Directory traversal vulnerability |
CVE-2009-3898
|