Search for packages
Package details: pkg:nginx/nginx@1.17.3
purl pkg:nginx/nginx@1.17.3
Next non-vulnerable version 1.26.2
Latest non-vulnerable version 1.27.4
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2gtf-635s-aaab
Aliases:
CVE-2022-41742
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
1.22.1
Affected by 1 other vulnerability.
1.23.2
Affected by 1 other vulnerability.
VCID-c9xc-nm4d-aaar
Aliases:
CVE-2024-7347
Buffer overread in the ngx_http_mp4_module
1.26.2
Affected by 0 other vulnerabilities.
1.27.1
Affected by 0 other vulnerabilities.
VCID-q6hd-xazy-aaaj
Aliases:
CVE-2022-41741
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
1.22.1
Affected by 1 other vulnerability.
1.23.2
Affected by 1 other vulnerability.
VCID-xdng-3k7v-aaaj
Aliases:
CVE-2021-23017
1-byte memory overwrite in resolver
1.20.1
Affected by 3 other vulnerabilities.
1.21.0
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-srtd-t3v1-aaag Excessive memory usage in HTTP/2 with zero length headers CVE-2019-9516
VCID-t7tm-t2rh-aaah Excessive CPU usage in HTTP/2 with priority changes CVE-2019-9513
VCID-vkg1-2urs-aaap Excessive CPU usage in HTTP/2 with small window updates CVE-2019-9511

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:26:27.707609+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 36.1.3
2025-06-04T08:01:26.119964+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 36.1.0
2025-06-02T21:53:17.356236+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 36.1.2
2025-04-03T22:47:08.406653+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 36.0.0
2025-03-28T16:29:47.453173+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 36.0.0
2025-03-28T16:29:47.375541+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 36.0.0
2025-03-28T16:29:47.292409+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 36.0.0
2025-02-18T08:38:36.130682+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 35.1.0
2025-01-16T23:01:18.800416+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag None 35.1.0
2025-01-16T23:01:18.758273+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah None 35.1.0
2025-01-16T23:01:18.714968+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap None 35.1.0
2024-10-08T04:28:21.956218+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:28:04.424352+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:28:00.181674+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:27:54.554432+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:27:50.638036+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:27:47.879548+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 34.0.2
2024-10-08T04:27:44.756925+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 34.0.2
2024-09-23T04:09:42.265493+00:00 Nginx Importer Affected by VCID-c9xc-nm4d-aaar https://nginx.org/en/security_advisories.html 34.0.1
2024-09-23T04:09:24.931337+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab https://nginx.org/en/security_advisories.html 34.0.1
2024-09-23T04:09:20.910389+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj https://nginx.org/en/security_advisories.html 34.0.1
2024-09-23T04:09:16.233449+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj https://nginx.org/en/security_advisories.html 34.0.1
2024-09-17T22:48:22.613337+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 34.0.1
2024-09-17T22:48:22.563317+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 34.0.1
2024-09-17T22:48:22.513096+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 34.0.1
2024-04-24T06:34:04.077796+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab None 34.0.0rc4
2024-04-24T06:33:59.975826+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:52.338695+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:44.413317+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj None 34.0.0rc4
2024-04-24T06:33:34.033371+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj None 34.0.0rc4
2024-04-24T06:33:28.537372+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:21.999584+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag None 34.0.0rc4
2024-04-24T06:33:19.381735+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:14.021379+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah None 34.0.0rc4
2024-04-24T06:33:11.368157+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:05.617358+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 34.0.0rc4
2024-04-24T06:33:02.769732+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap None 34.0.0rc4
2024-01-10T09:03:00.462764+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab None 34.0.0rc2
2024-01-10T09:02:55.937302+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:02:47.156806+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:02:38.263974+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj None 34.0.0rc2
2024-01-10T09:02:27.495273+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj None 34.0.0rc2
2024-01-10T09:02:21.571341+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:02:14.050710+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag None 34.0.0rc2
2024-01-10T09:02:10.871744+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:02:04.521829+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah None 34.0.0rc2
2024-01-10T09:02:00.769111+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:01:54.211388+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 34.0.0rc2
2024-01-10T09:01:50.923154+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap None 34.0.0rc2
2024-01-04T01:48:11.603205+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab None 34.0.0rc1
2024-01-04T01:48:07.278850+00:00 Nginx Importer Affected by VCID-2gtf-635s-aaab https://nginx.org/en/security_advisories.html 34.0.0rc1
2024-01-04T01:47:58.736111+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc1
2024-01-04T01:47:49.972736+00:00 Nginx Importer Affected by VCID-q6hd-xazy-aaaj None 34.0.0rc1
2024-01-04T01:47:39.503129+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj None 34.0.0rc1
2024-01-04T01:47:33.970760+00:00 Nginx Importer Affected by VCID-xdng-3k7v-aaaj https://nginx.org/en/security_advisories.html 34.0.0rc1
2024-01-04T01:47:26.583955+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag None 34.0.0rc1
2024-01-04T01:47:16.901919+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah None 34.0.0rc1
2024-01-04T01:47:04.156988+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap None 34.0.0rc1
2024-01-03T18:31:51.304956+00:00 Nginx Importer Fixing VCID-srtd-t3v1-aaag https://nginx.org/en/security_advisories.html 34.0.0rc1
2024-01-03T18:31:51.256308+00:00 Nginx Importer Fixing VCID-t7tm-t2rh-aaah https://nginx.org/en/security_advisories.html 34.0.0rc1
2024-01-03T18:31:51.204402+00:00 Nginx Importer Fixing VCID-vkg1-2urs-aaap https://nginx.org/en/security_advisories.html 34.0.0rc1