VulnerableCode Package Details - pkg:nginx/nginx@1.20.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nginx/nginx@1.20.1

Essentials
History (22)

purl	pkg:nginx/nginx@1.20.1

Next non-vulnerable version	1.29.7
Latest non-vulnerable version	1.29.7
Risk	3.7

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-2cu7-pyw5-t3dm Aliases: CVE-2026-28753	Injection in auth_http and XCLIENT	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-3czf-dtzg-8kdm Aliases: CVE-2026-27651	NULL pointer dereference while using CRAM-MD5 or APOP	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-d1c6-dt2p-9kaa Aliases: CVE-2026-1642	SSL upstream injection	1.28.2 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29.5 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fmvd-vyt7-mkfk Aliases: CVE-2026-27654	Buffer overflow in ngx_http_dav_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-hemy-pnpj-sfg3 Aliases: CVE-2025-53859	Buffer overread in the ngx_mail_smtp_module	1.29.1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-sxf9-qr1j-u3et Aliases: CVE-2026-27784	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-z3xb-4krg-rbae Aliases: CVE-2026-32647	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-cbn4-utmp-n7ba	1-byte memory overwrite in resolver	CVE-2021-23017

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-11T18:22:03.085909+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:21:33.318333+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:39.628461+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:18.338673+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:08.102456+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:02.726521+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:19:53.240664+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-02T17:46:54.882821+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:46:23.440695+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:23.378789+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:01.636358+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:50.619199+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:45.008704+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:33.608997+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-01T14:37:48.008634+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:37:07.930608+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:56.449416+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:29.103525+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:15.640213+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:09.441963+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:34:57.504771+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:46.359747+00:00	Nginx Importer	Fixing	VCID-cbn4-utmp-n7ba	https://nginx.org/en/security_advisories.html	38.0.0