Download
| Alert*
oval:org.secpod.oval:def:1801706
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. The bug appeared in 0.7.12.marked the task 3.10-stable as complete ... oval:org.secpod.oval:def:505033 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix: * nginx: HTTP request smuggling via error pages in http/ngx_http_special_response.c For more details about the security issue, including the impact ... oval:org.secpod.oval:def:61529 nginx: small, powerful, scalable web/proxy server nginx could be made to expose sensitive information over the network. oval:org.secpod.oval:def:89050355 This update for nginx fixes the following issues: - CVE-2019-20372: Fixed an HTTP request smuggling with certain error_page configurations which could have allowed unauthorized web page reads . oval:org.secpod.oval:def:89000133 This update for nginx fixes the following issues: nginx was updated to 1.16.1 - Added TLS 1.3 support - Replaced obsolete GeoIP module with MaxMinDB-based GeoIP2 - Started nginx after network is online - CVE-2019-20372: Fixed an HTTP request smuggling with certain error_page configurations which ... oval:org.secpod.oval:def:75136 The host is missing a security update according to the Apple advisory APPLE-SA-2021-09-20-4 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle issues in nginx. Successful exploitation allows an attacker to cause multiple impacts. oval:org.secpod.oval:def:75135 The host is installed with Xcode before 13 on Apple Mac OS 11.3 or later and is prone to an HTTP request smuggling vulnerability. A flaw is present in the application, which fails to properly handle issue in nginx. Successful exploitation allows an attacker to read unauthorized web pages in environm ... oval:org.secpod.oval:def:1503153 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500075 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. oval:org.secpod.oval:def:69630 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix: * nginx: HTTP request smuggling in configurations with URL redirect used as error_page For more details about the security issue, including the imp ... oval:org.secpod.oval:def:705328 nginx: small, powerful, scalable web/proxy server nginx could be made to expose sensitive information over the network. oval:org.secpod.oval:def:1701661 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer oval:org.secpod.oval:def:505243 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix: * nginx: HTTP request smuggling in configurations with URL redirect used as error_page For more details about the security issue, including the imp ... |