Search for packages
| purl | pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4 |
| Next non-vulnerable version | 1.22.1-9+deb12u4 |
| Latest non-vulnerable version | 1.28.3-2 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-22cq-z7km-cfdc
Aliases: CVE-2025-23419 |
SSL session reuse vulnerability |
Affected by 7 other vulnerabilities. |
|
VCID-36pf-ddpb-3khs
Aliases: CVE-2020-11724 |
security update |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-3ysf-pvuu-47bs
Aliases: CVE-2019-20372 |
nginx: HTTP request smuggling in configurations with URL redirect used as error_page |
Affected by 13 other vulnerabilities. |
|
VCID-64n7-ygvq-cfds
Aliases: CVE-2018-16843 |
Excessive memory usage in HTTP/2 |
Affected by 13 other vulnerabilities. |
|
VCID-9hzg-r1fj-pubf
Aliases: CVE-2019-9513 |
Excessive CPU usage in HTTP/2 with priority changes |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-bana-j1wy-cfdy
Aliases: CVE-2018-16844 |
Excessive CPU usage in HTTP/2 |
Affected by 13 other vulnerabilities. |
|
VCID-c4ta-jqmg-wfgf
Aliases: CVE-2024-33452 |
lua-nginx-module: HTTP request smuggling via a crafted HEAD request |
Affected by 7 other vulnerabilities. |
|
VCID-c9ym-ckeq-63dq
Aliases: CVE-2022-41741 |
Memory corruption in the ngx_http_mp4_module |
Affected by 13 other vulnerabilities. |
|
VCID-cbn4-utmp-n7ba
Aliases: CVE-2021-23017 |
1-byte memory overwrite in resolver |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-cjx4-a19z-xufq
Aliases: CVE-2017-7529 |
Integer overflow in the range filter |
Affected by 13 other vulnerabilities. |
|
VCID-dmv4-ydq9-a7eq
Aliases: CVE-2019-9511 |
Excessive CPU usage in HTTP/2 with small window updates |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-eb23-pd25-yqg3
Aliases: CVE-2024-7347 |
Buffer overread in the ngx_http_mp4_module |
Affected by 7 other vulnerabilities. |
|
VCID-kcsp-h1s5-wbea
Aliases: CVE-2019-9516 |
Excessive memory usage in HTTP/2 with zero length headers |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-nckn-qkc8-t7ge
Aliases: CVE-2018-16845 |
Memory disclosure in the ngx_http_mp4_module |
Affected by 13 other vulnerabilities. |
|
VCID-u8aq-2qhu-gff5
Aliases: CVE-2021-3618 |
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication |
Affected by 13 other vulnerabilities. |
|
VCID-wc3j-5xmu-kyex
Aliases: CVE-2022-41742 |
Memory disclosure in the ngx_http_mp4_module |
Affected by 13 other vulnerabilities. |
|
VCID-y3tg-7fge-1yfy
Aliases: CVE-2020-36309 |
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. |
Affected by 7 other vulnerabilities. |
|
VCID-yu2j-f4q9-bbcx
Aliases: CVE-2017-20005 |
nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years |
Affected by 13 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-64n7-ygvq-cfds | Excessive memory usage in HTTP/2 |
CVE-2018-16843
|
| VCID-9hzg-r1fj-pubf | Excessive CPU usage in HTTP/2 with priority changes |
CVE-2019-9513
|
| VCID-bana-j1wy-cfdy | Excessive CPU usage in HTTP/2 |
CVE-2018-16844
|
| VCID-cjx4-a19z-xufq | Integer overflow in the range filter |
CVE-2017-7529
|
| VCID-dmv4-ydq9-a7eq | Excessive CPU usage in HTTP/2 with small window updates |
CVE-2019-9511
|
| VCID-kcsp-h1s5-wbea | Excessive memory usage in HTTP/2 with zero length headers |
CVE-2019-9516
|
| VCID-nckn-qkc8-t7ge | Memory disclosure in the ngx_http_mp4_module |
CVE-2018-16845
|