Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nginx/nginx@1.4.4

Type nginx

Namespace

Name nginx

Version 1.4.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.30.2

Latest_non_vulnerable_version 1.31.1

Affected_by_vulnerabilities

url VCID-3e7d-swjf-rqak

vulnerability_id VCID-3e7d-swjf-rqak

summary Buffer overread in the ngx_http_charset_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161028

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:18Z/

url

https://my.f5.com/manage/s/article/K000161028

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477066
reference_id	2477066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477066

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934
reference_id	CVE-2026-42934
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934

reference_url	https://usn.ubuntu.com/8354-1/
reference_id	USN-8354-1
reference_type
scores
url	https://usn.ubuntu.com/8354-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42934

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3e7d-swjf-rqak

url VCID-4357-m3y9-cueg

vulnerability_id VCID-4357-m3y9-cueg

summary Buffer overflow in the ngx_http_rewrite_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161019

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-13T15:55:27Z/

url

https://my.f5.com/manage/s/article/K000161019

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116
reference_id	2477116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945
reference_id	CVE-2026-42945
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945

reference_url	https://access.redhat.com/errata/RHSA-2026:17417
reference_id	RHSA-2026:17417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17417

reference_url	https://access.redhat.com/errata/RHSA-2026:17751
reference_id	RHSA-2026:17751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17751

reference_url	https://access.redhat.com/errata/RHSA-2026:17752
reference_id	RHSA-2026:17752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17752

reference_url	https://access.redhat.com/errata/RHSA-2026:17753
reference_id	RHSA-2026:17753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17753

reference_url	https://access.redhat.com/errata/RHSA-2026:17790
reference_id	RHSA-2026:17790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17790

reference_url	https://access.redhat.com/errata/RHSA-2026:17791
reference_id	RHSA-2026:17791
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17791

reference_url	https://access.redhat.com/errata/RHSA-2026:17792
reference_id	RHSA-2026:17792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17792

reference_url	https://access.redhat.com/errata/RHSA-2026:17793
reference_id	RHSA-2026:17793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17793

reference_url	https://access.redhat.com/errata/RHSA-2026:17794
reference_id	RHSA-2026:17794
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17794

reference_url	https://access.redhat.com/errata/RHSA-2026:18029
reference_id	RHSA-2026:18029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18029

reference_url	https://access.redhat.com/errata/RHSA-2026:18041
reference_id	RHSA-2026:18041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18041

reference_url	https://access.redhat.com/errata/RHSA-2026:18063
reference_id	RHSA-2026:18063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18063

reference_url	https://access.redhat.com/errata/RHSA-2026:19159
reference_id	RHSA-2026:19159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19159

reference_url	https://access.redhat.com/errata/RHSA-2026:19371
reference_id	RHSA-2026:19371
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19371

reference_url	https://access.redhat.com/errata/RHSA-2026:19372
reference_id	RHSA-2026:19372
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19372

reference_url	https://access.redhat.com/errata/RHSA-2026:19374
reference_id	RHSA-2026:19374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19374

reference_url	https://access.redhat.com/errata/RHSA-2026:20442
reference_id	RHSA-2026:20442
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20442

reference_url	https://access.redhat.com/errata/RHSA-2026:20444
reference_id	RHSA-2026:20444
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20444

reference_url	https://access.redhat.com/errata/RHSA-2026:21275
reference_id	RHSA-2026:21275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:21275

reference_url	https://usn.ubuntu.com/8271-1/
reference_id	USN-8271-1
reference_type
scores
url	https://usn.ubuntu.com/8271-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42945

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4357-m3y9-cueg

url VCID-4ad5-1v6d-a7ct

vulnerability_id VCID-4ad5-1v6d-a7ct

summary Buffer overread in the ngx_mail_smtp_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000152786

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T15:06:23Z/

url

https://my.f5.com/manage/s/article/K000152786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138
reference_id	1111138
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238
reference_id	2388238
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859
reference_id	CVE-2025-53859
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/7715-1/
reference_id	USN-7715-1
reference_type
scores
url	https://usn.ubuntu.com/7715-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.29.1

purl pkg:nginx/nginx@1.29.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yva-px8a-b3ch

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.1

aliases CVE-2025-53859

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ad5-1v6d-a7ct

url VCID-6c8k-v685-73dr

vulnerability_id VCID-6c8k-v685-73dr

summary SSL upstream injection

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000159824

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T16:01:47Z/

url

https://my.f5.com/manage/s/article/K000159824

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053
reference_id	1127053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436738
reference_id	2436738
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436738

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-1642
reference_id	CVE-2026-1642
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-1642

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:3638
reference_id	RHSA-2026:3638
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3638

reference_url	https://access.redhat.com/errata/RHSA-2026:4235
reference_id	RHSA-2026:4235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4235

reference_url	https://access.redhat.com/errata/RHSA-2026:4501
reference_id	RHSA-2026:4501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4501

reference_url	https://access.redhat.com/errata/RHSA-2026:4705
reference_id	RHSA-2026:4705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4705

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5581
reference_id	RHSA-2026:5581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5581

reference_url	https://access.redhat.com/errata/RHSA-2026:5599
reference_id	RHSA-2026:5599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5599

reference_url	https://access.redhat.com/errata/RHSA-2026:6182
reference_id	RHSA-2026:6182
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6182

reference_url	https://access.redhat.com/errata/RHSA-2026:6234
reference_id	RHSA-2026:6234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6234

reference_url	https://access.redhat.com/errata/RHSA-2026:6235
reference_id	RHSA-2026:6235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6235

reference_url	https://access.redhat.com/errata/RHSA-2026:6302
reference_id	RHSA-2026:6302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6302

reference_url	https://access.redhat.com/errata/RHSA-2026:6311
reference_id	RHSA-2026:6311
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6311

reference_url	https://access.redhat.com/errata/RHSA-2026:6407
reference_id	RHSA-2026:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6407

reference_url	https://access.redhat.com/errata/RHSA-2026:6408
reference_id	RHSA-2026:6408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6408

reference_url	https://access.redhat.com/errata/RHSA-2026:6427
reference_id	RHSA-2026:6427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6427

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8038-1/
reference_id	USN-8038-1
reference_type
scores
url	https://usn.ubuntu.com/8038-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.2

purl pkg:nginx/nginx@1.28.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yva-px8a-b3ch

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.2

url pkg:nginx/nginx@1.29.5

purl pkg:nginx/nginx@1.29.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yva-px8a-b3ch

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.5

aliases CVE-2026-1642

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6c8k-v685-73dr

url VCID-9kw2-eedk-5kcm

vulnerability_id VCID-9kw2-eedk-5kcm

summary SPDY heap buffer overflow

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0133

reference_id

reference_type

scores

value	0.18581
scoring_system	epss
scoring_elements	0.95382
published_at	2026-06-04T12:55:00Z

value	0.18581
scoring_system	epss
scoring_elements	0.9539
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0133

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html

reference_url	https://nginx.org/download/patch.2014.spdy2.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy2.txt

reference_url	https://nginx.org/download/patch.2014.spdy2.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy2.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1077988
reference_id	1077988
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1077988

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059
reference_id	742059
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2014-0133
reference_id	CVE-2014-0133
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2014-0133

reference_url	https://security.gentoo.org/glsa/201406-20
reference_id	GLSA-201406-20
reference_type
scores
url	https://security.gentoo.org/glsa/201406-20

fixed_packages

url pkg:nginx/nginx@1.4.7

purl pkg:nginx/nginx@1.4.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.4.7

url pkg:nginx/nginx@1.5.12

purl pkg:nginx/nginx@1.5.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.5.12

aliases CVE-2014-0133

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kw2-eedk-5kcm

url VCID-c43b-qk3v-5ufh

vulnerability_id VCID-c43b-qk3v-5ufh

summary Buffer overflow in the ngx_http_rewrite_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9256
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9256

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161377

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:50:29Z/

url

https://my.f5.com/manage/s/article/K000161377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339
reference_id	1137339
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2480746
reference_id	2480746
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2480746

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-9256
reference_id	CVE-2026-9256
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-9256

reference_url	https://access.redhat.com/errata/RHSA-2026:20351
reference_id	RHSA-2026:20351
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20351

reference_url	https://usn.ubuntu.com/8354-1/
reference_id	USN-8354-1
reference_type
scores
url	https://usn.ubuntu.com/8354-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url	pkg:nginx/nginx@1.30.2
purl	pkg:nginx/nginx@1.30.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.2

url	pkg:nginx/nginx@1.31.1
purl	pkg:nginx/nginx@1.31.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.1

aliases CVE-2026-9256

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c43b-qk3v-5ufh

url VCID-fbzu-yrfz-d7h5

vulnerability_id VCID-fbzu-yrfz-d7h5

summary Injection in auth_http and XCLIENT

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160367

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:24:28Z/

url

https://my.f5.com/manage/s/article/K000160367

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780
reference_id	2450780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753
reference_id	CVE-2026-28753
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-28753

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbzu-yrfz-d7h5

url VCID-jrtp-hg2y-ffaa

vulnerability_id VCID-jrtp-hg2y-ffaa

summary NULL pointer dereference while using CRAM-MD5 or APOP

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160383

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:02:03Z/

url

https://my.f5.com/manage/s/article/K000160383

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791
reference_id	2450791
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651
reference_id	CVE-2026-27651
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27651

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrtp-hg2y-ffaa

url VCID-r9jn-f9yb-vqet

vulnerability_id VCID-r9jn-f9yb-vqet

summary Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161027

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

value	8.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:04Z/

url

https://my.f5.com/manage/s/article/K000161027

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477132
reference_id	2477132
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477132

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946
reference_id	CVE-2026-42946
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946

reference_url	https://usn.ubuntu.com/8354-1/
reference_id	USN-8354-1
reference_type
scores
url	https://usn.ubuntu.com/8354-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.30.1

purl pkg:nginx/nginx@1.30.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url pkg:nginx/nginx@1.31.0

purl pkg:nginx/nginx@1.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c43b-qk3v-5ufh

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42946

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9jn-f9yb-vqet

url VCID-rct6-4wt6-p3h2

vulnerability_id VCID-rct6-4wt6-p3h2

summary Buffer overflow in ngx_http_dav_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160382

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:14:50Z/

url

https://my.f5.com/manage/s/article/K000160382

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776
reference_id	2450776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654
reference_id	CVE-2026-27654
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27654

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rct6-4wt6-p3h2

url VCID-xg1t-ggt3-9qhj

vulnerability_id VCID-xg1t-ggt3-9qhj

summary Buffer overflow in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160364

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:53Z/

url

https://my.f5.com/manage/s/article/K000160364

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450785
reference_id	2450785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450785

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27784
reference_id	CVE-2026-27784
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27784

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27784

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xg1t-ggt3-9qhj

url VCID-ycw2-tc4v-9ydv

vulnerability_id VCID-ycw2-tc4v-9ydv

summary Buffer overflow in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160366

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:51:04Z/

url

https://my.f5.com/manage/s/article/K000160366

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2449598
reference_id	2449598
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2449598

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-32647
reference_id	CVE-2026-32647
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-32647

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

reference_url	https://usn.ubuntu.com/8375-1/
reference_id	USN-8375-1
reference_type
scores
url	https://usn.ubuntu.com/8375-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-cn2h-kyx1-hybu

vulnerability	VCID-e8pc-c4cg-e3h1

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-zyvx-umn4-c7cb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-32647

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycw2-tc4v-9ydv

Fixing_vulnerabilities

url VCID-gwhr-bmbb-4fhs

vulnerability_id VCID-gwhr-bmbb-4fhs

summary Request line parsing vulnerability

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4547

reference_id

reference_type

scores

value	0.90921
scoring_system	epss
scoring_elements	0.99646
published_at	2026-06-04T12:55:00Z

value	0.90921
scoring_system	epss
scoring_elements	0.99647
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html

reference_url	https://nginx.org/download/patch.2013.space.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.space.txt

reference_url	https://nginx.org/download/patch.2013.space.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.space.txt.asc

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012
reference_id	730012
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2013-4547
reference_id	CVE-2013-4547
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2013-4547

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt
reference_id	CVE-2013-4547;OSVDB-100015
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt

reference_url	https://www.securityfocus.com/bid/63814/info
reference_id	CVE-2013-4547;OSVDB-100015
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/63814/info

fixed_packages

url pkg:nginx/nginx@1.4.4

purl pkg:nginx/nginx@1.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-9kw2-eedk-5kcm

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.4.4

url pkg:nginx/nginx@1.5.7

purl pkg:nginx/nginx@1.5.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e7d-swjf-rqak

vulnerability	VCID-4357-m3y9-cueg

vulnerability	VCID-4ad5-1v6d-a7ct

vulnerability	VCID-6c8k-v685-73dr

vulnerability	VCID-9kw2-eedk-5kcm

vulnerability	VCID-c43b-qk3v-5ufh

vulnerability	VCID-fbzu-yrfz-d7h5

vulnerability	VCID-jrtp-hg2y-ffaa

vulnerability	VCID-r9jn-f9yb-vqet

vulnerability	VCID-rct6-4wt6-p3h2

vulnerability	VCID-xg1t-ggt3-9qhj

vulnerability	VCID-ycw2-tc4v-9ydv

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.5.7

aliases CVE-2013-4547

risk_score 7.0

exploitability 2.0

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gwhr-bmbb-4fhs

Risk_score 3.7

Resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.4.4

Package Instance