VulnerableCode Package Details - pkg:nginx/nginx@1.28.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-2cu7-pyw5-t3dm Aliases: CVE-2026-28753	Injection in auth_http and XCLIENT	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-3czf-dtzg-8kdm Aliases: CVE-2026-27651	NULL pointer dereference while using CRAM-MD5 or APOP	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-fmvd-vyt7-mkfk Aliases: CVE-2026-27654	Buffer overflow in ngx_http_dav_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-hemy-pnpj-sfg3 Aliases: CVE-2025-53859	Buffer overread in the ngx_mail_smtp_module	1.29.1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kpjx-rrjs-subs Aliases: CVE-2026-28755	OCSP result bypass in stream	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-sxf9-qr1j-u3et Aliases: CVE-2026-27784	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.
VCID-z3xb-4krg-rbae Aliases: CVE-2026-32647	Buffer overflow in the ngx_http_mp4_module	1.28.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.29.7 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2cu7-pyw5-t3dm
Aliases:
CVE-2026-28753

Injection in auth_http and XCLIENT

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

VCID-3czf-dtzg-8kdm
Aliases:
CVE-2026-27651

NULL pointer dereference while using CRAM-MD5 or APOP

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

VCID-fmvd-vyt7-mkfk
Aliases:
CVE-2026-27654

Buffer overflow in ngx_http_dav_module

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

VCID-hemy-pnpj-sfg3
Aliases:
CVE-2025-53859

Buffer overread in the ngx_mail_smtp_module

1.29.1
Affected by 7 other vulnerabilities.

VCID-kpjx-rrjs-subs
Aliases:
CVE-2026-28755

OCSP result bypass in stream

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

VCID-sxf9-qr1j-u3et
Aliases:
CVE-2026-27784

Buffer overflow in the ngx_http_mp4_module

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

VCID-z3xb-4krg-rbae
Aliases:
CVE-2026-32647

Buffer overflow in the ngx_http_mp4_module

1.28.3
Affected by 1 other vulnerability.

1.29.7
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-d1c6-dt2p-9kaa	SSL upstream injection	CVE-2026-1642

Vulnerability

Summary

Aliases

VCID-d1c6-dt2p-9kaa

SSL upstream injection

CVE-2026-1642

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T14:14:31.893536+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:14:09.738701+00:00	Nginx Importer	Affected by	VCID-kpjx-rrjs-subs	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:13:59.387736+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:56.411368+00:00	Nginx Importer	Fixing	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:33.061154+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:21.666804+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:15.803617+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-16T14:12:04.779582+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.4.0
2026-04-11T18:22:03.227718+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:21:42.712845+00:00	Nginx Importer	Affected by	VCID-kpjx-rrjs-subs	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:21:33.449299+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:39.790473+00:00	Nginx Importer	Fixing	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:18.471160+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:08.240317+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:20:02.862236+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-11T18:19:53.376565+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.3.0
2026-04-02T17:46:55.011392+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:46:33.778200+00:00	Nginx Importer	Affected by	VCID-kpjx-rrjs-subs	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:46:23.567786+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:23.525923+00:00	Nginx Importer	Fixing	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:45:01.766801+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:50.748466+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:45.139200+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-02T17:44:33.744044+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.1.0
2026-04-01T14:37:48.149768+00:00	Nginx Importer	Affected by	VCID-sxf9-qr1j-u3et	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:37:19.864245+00:00	Nginx Importer	Affected by	VCID-kpjx-rrjs-subs	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:37:08.062007+00:00	Nginx Importer	Affected by	VCID-3czf-dtzg-8kdm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:29.234332+00:00	Nginx Importer	Affected by	VCID-z3xb-4krg-rbae	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:15.791364+00:00	Nginx Importer	Affected by	VCID-fmvd-vyt7-mkfk	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:35:09.576202+00:00	Nginx Importer	Affected by	VCID-2cu7-pyw5-t3dm	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T14:34:57.657258+00:00	Nginx Importer	Affected by	VCID-hemy-pnpj-sfg3	https://nginx.org/en/security_advisories.html	38.0.0
2026-04-01T12:31:46.002451+00:00	Nginx Importer	Fixing	VCID-d1c6-dt2p-9kaa	https://nginx.org/en/security_advisories.html	38.0.0