VulnerableCode Package Details - pkg:alpm/archlinux/nginx-mainline@1.21.0-1

Search for packages

Package details: pkg:alpm/archlinux/nginx-mainline@1.21.0-1

Essentials
History (2)

purl	pkg:alpm/archlinux/nginx-mainline@1.21.0-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-3d3j-83ap-jua7	ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.	CVE-2021-3618
VCID-yrdf-1ka4-d7ff	1-byte memory overwrite in resolver	CVE-2021-23017

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T11:37:49.762453+00:00	Arch Linux Importer	Fixing	VCID-yrdf-1ka4-d7ff	https://security.archlinux.org/AVG-1987	37.0.0
2025-07-31T11:37:48.911163+00:00	Arch Linux Importer	Fixing	VCID-3d3j-83ap-jua7	https://security.archlinux.org/AVG-2103	37.0.0