VulnerableCode Package Details - pkg:nginx/nginx@1.29.5

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-422n-2b44-mbh2 Aliases: CVE-2026-42946	nginx: ngx_http_scgi_module: ngx_http_uwsgi_module: information disclosure and denial of service	1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-b3hy-gnzn-f3af Aliases: CVE-2026-40460	nginx: NGINX: Authorization bypass via IP spoofing in HTTP/3 QUIC module	1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-cxs8-z482-ufht Aliases: CVE-2026-32647	nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-dfzv-bqb6-xkgp Aliases: CVE-2026-42934	nginx: ngx_http_charset_module: information disclosure and denial of service	1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fpta-dc5f-pkct Aliases: CVE-2026-27784	NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-gjvm-84ff-3qad Aliases: CVE-2026-27654	NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kn1z-74dk-zyed Aliases: CVE-2026-28753	NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-rqp9-y9tu-qbgg Aliases: CVE-2026-42926		1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ttbr-yfea-47c5 Aliases: CVE-2026-27651	NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-uy9d-zu9s-6yh3 Aliases: CVE-2026-42945	nginx: NGINX: Arbitrary Code Execution Vulnerability	1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wc2b-cb7d-ekbq Aliases: CVE-2026-40701	nginx: ngx_http_ssl_module: data corruption and denial of service	1.30.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.31.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xg73-adr1-ybfr Aliases: CVE-2026-28755	NGINX: NGINX: Certificate revocation bypass when OCSP is enabled	1.29.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xsdq-5m4c-mqcs Aliases: CVE-2026-9256	nginx: ngx_http_rewrite_module: code execution and denial of service	1.30.2 Affected by 0 other vulnerabilities. 1.31.1 Affected by 0 other vulnerabilities.

Next non-vulnerable version	1.30.2
Latest non-vulnerable version	1.31.1
Risk

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T01:31:47.649617+00:00	Nginx Importer	Affected by	VCID-b3hy-gnzn-f3af	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:31:38.525470+00:00	Nginx Importer	Affected by	VCID-fpta-dc5f-pkct	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:31:18.045107+00:00	Nginx Importer	Affected by	VCID-uy9d-zu9s-6yh3	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:31:13.696566+00:00	Nginx Importer	Affected by	VCID-xg73-adr1-ybfr	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:31:10.945438+00:00	Nginx Importer	Affected by	VCID-rqp9-y9tu-qbgg	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:31:01.294171+00:00	Nginx Importer	Affected by	VCID-ttbr-yfea-47c5	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:30:08.710601+00:00	Nginx Importer	Affected by	VCID-xsdq-5m4c-mqcs	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:39.039400+00:00	Nginx Importer	Affected by	VCID-cxs8-z482-ufht	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:29.630286+00:00	Nginx Importer	Affected by	VCID-wc2b-cb7d-ekbq	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:25.569133+00:00	Nginx Importer	Affected by	VCID-gjvm-84ff-3qad	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:20.163626+00:00	Nginx Importer	Affected by	VCID-kn1z-74dk-zyed	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:15.165014+00:00	Nginx Importer	Affected by	VCID-422n-2b44-mbh2	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-30T01:29:00.370439+00:00	Nginx Importer	Affected by	VCID-dfzv-bqb6-xkgp	https://nginx.org/en/security_advisories.html	38.6.0
2026-05-29T20:49:18.280660+00:00	Nginx Importer	Fixing	VCID-5kgu-8trw-zufv	https://nginx.org/en/security_advisories.html	38.6.0