VulnerableCode Package Details - pkg:nginx/nginx@1.27.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nginx/nginx@1.27.0

Essentials
History (33)

purl	pkg:nginx/nginx@1.27.0

Next non-vulnerable version	1.29.7
Latest non-vulnerable version	1.29.7
Risk	3.7

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-2cu7-pyw5-t3dm Aliases: CVE-2026-28753	Injection in auth_http and XCLIENT	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-3czf-dtzg-8kdm Aliases: CVE-2026-27651	NULL pointer dereference while using CRAM-MD5 or APOP	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-d1c6-dt2p-9kaa Aliases: CVE-2026-1642	SSL upstream injection	1.28.2 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29.5 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-eb23-pd25-yqg3 Aliases: CVE-2024-7347	Buffer overread in the ngx_http_mp4_module	1.27.1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fmvd-vyt7-mkfk Aliases: CVE-2026-27654	Buffer overflow in ngx_http_dav_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-hemy-pnpj-sfg3 Aliases: CVE-2025-53859	Buffer overread in the ngx_mail_smtp_module	1.29.1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-sxf9-qr1j-u3et Aliases: CVE-2026-27784	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-z3xb-4krg-rbae Aliases: CVE-2026-32647	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (4)

Vulnerability	Summary	Aliases
VCID-8mzu-swrb-sqd8	Buffer overwrite in HTTP/3	CVE-2024-32760
VCID-k9vm-jbxf-dbf8	Stack overflow and use-after-free in HTTP/3	CVE-2024-31079
VCID-pchd-6b6f-myds	Memory disclosure in HTTP/3	CVE-2024-34161
VCID-pq29-p7wp-bqe3	NULL pointer dereference in HTTP/3	CVE-2024-35200

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T14:14:31.864352+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:13:59.359731+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:56.360909+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:33.029891+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:21.637154+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:15.774261+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:04.748703+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-11T18:22:03.195223+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:21:33.418843+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:39.735724+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:18.440703+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:08.208971+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:02.828330+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:19:53.345385+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-02T17:46:54.981808+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:46:23.538997+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:23.478155+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:01.737042+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:50.719294+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:45.108929+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:33.710981+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-01T14:37:48.119216+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:37:08.031793+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:56.554141+00:00	Nginx Importer	Affected by	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:29.204614+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:15.756859+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:09.545022+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:34:57.620956+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:46.404823+00:00	Nginx Importer	Fixing	VCID-pchd-6b6f-myds	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:46.233651+00:00	Nginx Importer	Fixing	VCID-8mzu-swrb-sqd8	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:46.210630+00:00	Nginx Importer	Fixing	VCID-pq29-p7wp-bqe3	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:45.699234+00:00	Nginx Importer	Affected by	VCID-eb23-pd25-yqg3	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:45.602444+00:00	Nginx Importer	Fixing	VCID-k9vm-jbxf-dbf8	https://nginx.org/en/security_advisories.html	38.0.0