NGINX NGINX Makers of nginx server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any NGINX product.

RSS Feeds for NGINX security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in NGINX products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by NGINX Sorted by Most Security Vulnerabilities since 2018

NGINX Njs22 vulnerabilities

nginx16 vulnerabilities
Popular web server

NGINX Unit1 vulnerability

By the Year

In 2025 there have been 0 vulnerabilities in NGINX. NGINX did not have any published security vulnerabilities last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 2 9.80
2022 8 7.61
2021 2 8.75
2020 5 5.92
2019 12 8.68
2018 3 7.03

It may take a day or so for new NGINX vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent NGINX Security Vulnerabilities

Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92

CVE-2020-19692 9.8 - Critical - April 04, 2023

Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.

Classic Buffer Overflow

Buffer Overflow found in Nginx NJS

CVE-2020-19695 9.8 - Critical - April 04, 2023

Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.

Classic Buffer Overflow

An issue was discovered in Nginx NJS v0.7.5

CVE-2022-35173 7.5 - High - August 18, 2022

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.

Improper Check for Unusual or Exceptional Conditions

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.

CVE-2022-30503 5.5 - Medium - June 02, 2022

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c.

CVE-2022-29780 5.5 - Medium - June 02, 2022

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c.

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.

CVE-2022-29779 5.5 - Medium - June 02, 2022

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.

njs through 0.7.1

CVE-2021-46463 9.8 - Critical - February 14, 2022

njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().

Object Type Confusion

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation

CVE-2021-46462 7.5 - High - February 14, 2022

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.

njs through 0.7.0

CVE-2022-25139 9.8 - Critical - February 14, 2022

njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.

Dangling pointer

njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access

CVE-2021-46461 9.8 - Critical - February 14, 2022

njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.

Buffer Overflow

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.