VulnerableCode Package Details - pkg:nginx/nginx@1.17.9

Search for packages

Package details: pkg:nginx/nginx@1.17.9

Essentials
History (31)

purl	pkg:nginx/nginx@1.17.9

Next non-vulnerable version	1.26.2
Latest non-vulnerable version	1.27.4
Risk	10.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-2gtf-635s-aaab Aliases: CVE-2022-41742	NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.	1.22.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.23.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-c9xc-nm4d-aaar Aliases: CVE-2024-7347	Buffer overread in the ngx_http_mp4_module	1.26.2 Affected by 0 other vulnerabilities. 1.27.1 Affected by 0 other vulnerabilities.
VCID-q6hd-xazy-aaaj Aliases: CVE-2022-41741	NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.	1.22.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.23.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xdng-3k7v-aaaj Aliases: CVE-2021-23017	1-byte memory overwrite in resolver	1.20.1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.21.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T16:26:27.718529+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	36.1.3
2025-06-04T08:01:26.128983+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	36.1.0
2025-06-02T21:53:17.368999+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	36.1.2
2025-04-03T22:47:08.436628+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	36.0.0
2025-02-18T08:38:36.159702+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	35.1.0
2024-10-08T04:28:21.987236+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	34.0.2
2024-10-08T04:28:04.452941+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	https://nginx.org/en/security_advisories.html	34.0.2
2024-10-08T04:28:00.210280+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	https://nginx.org/en/security_advisories.html	34.0.2
2024-10-08T04:27:54.583145+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	https://nginx.org/en/security_advisories.html	34.0.2
2024-09-23T04:09:42.297641+00:00	Nginx Importer	Affected by	VCID-c9xc-nm4d-aaar	https://nginx.org/en/security_advisories.html	34.0.1
2024-09-23T04:09:24.959927+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	https://nginx.org/en/security_advisories.html	34.0.1
2024-09-23T04:09:20.939024+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	https://nginx.org/en/security_advisories.html	34.0.1
2024-09-23T04:09:16.262171+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	https://nginx.org/en/security_advisories.html	34.0.1
2024-04-24T06:34:04.105583+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	None	34.0.0rc4
2024-04-24T06:34:00.004180+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	https://nginx.org/en/security_advisories.html	34.0.0rc4
2024-04-24T06:33:52.366765+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc4
2024-04-24T06:33:44.441067+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	None	34.0.0rc4
2024-04-24T06:33:34.061283+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	None	34.0.0rc4
2024-04-24T06:33:28.565467+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc4
2024-01-10T09:03:00.490668+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	None	34.0.0rc2
2024-01-10T09:02:55.965464+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	https://nginx.org/en/security_advisories.html	34.0.0rc2
2024-01-10T09:02:47.184770+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc2
2024-01-10T09:02:38.293124+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	None	34.0.0rc2
2024-01-10T09:02:27.523324+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	None	34.0.0rc2
2024-01-10T09:02:21.599473+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc2
2024-01-04T01:48:11.631134+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	None	34.0.0rc1
2024-01-04T01:48:07.306760+00:00	Nginx Importer	Affected by	VCID-2gtf-635s-aaab	https://nginx.org/en/security_advisories.html	34.0.0rc1
2024-01-04T01:47:58.764059+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc1
2024-01-04T01:47:50.000552+00:00	Nginx Importer	Affected by	VCID-q6hd-xazy-aaaj	None	34.0.0rc1
2024-01-04T01:47:39.530857+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	None	34.0.0rc1
2024-01-04T01:47:33.995416+00:00	Nginx Importer	Affected by	VCID-xdng-3k7v-aaaj	https://nginx.org/en/security_advisories.html	34.0.0rc1