Search for packages
| purl | pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-w5uu-nj7c-wka6
Aliases: CVE-2023-44487 GHSA-qppj-fm5r-hxr3 VSV00013 |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-66m3-refr-quf4 | Buffer overread in the ngx_http_mp4_module |
CVE-2024-7347
|
| VCID-jpnw-4r81-93c2 | SSL session reuse vulnerability |
CVE-2025-23419
|
| VCID-qeft-42gz-2bbq | ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. |
CVE-2020-36309
|
| VCID-vfxh-kpsr-1kh7 | An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request. |
CVE-2024-33452
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T16:17:44.232811+00:00 | Debian Oval Importer | Fixing | VCID-vfxh-kpsr-1kh7 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T13:55:57.059939+00:00 | Debian Oval Importer | Fixing | VCID-66m3-refr-quf4 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T13:41:01.162632+00:00 | Debian Oval Importer | Fixing | VCID-jpnw-4r81-93c2 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T13:19:54.833489+00:00 | Debian Oval Importer | Fixing | VCID-qeft-42gz-2bbq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T12:40:26.319592+00:00 | Debian Importer | Affected by | VCID-w5uu-nj7c-wka6 | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |