NGINX: Makers of nginx server

stack.watch can notify you when security vulnerabilities are reported in any NGINX product. You can add multiple products that you use with NGINX to create your own personal software stack watcher.

Products by NGINX Sorted by Most Security Vulnerabilities since 2018

NGINX Njs: 12 vulnerabilities

nginx: 4 vulnerabilities
Popular web server

NGINX Unit: 1 vulnerability

By the Year

In 2020 there have been 5 vulnerabilities in NGINX with an average score of 5.9 out of ten. Last year NGINX had 9 security vulnerabilities published. Right now, NGINX is on track to have fewer security vulnerabilities in 2020 than it did last year. Last year, the average CVE base score was greater by 3.26.

Year Vulnerabilities Average Score
2020 5 5.92
2019 9 9.18
2018 3 7.03

It may take a day or so for new NGINX vulnerabilities to show up. Additionally, vulnerabilities may be tagged under a different product or component name.

Latest NGINX Security Vulnerabilities

njs through 0.4.3

CVE-2020-24346 7.8 - High - August 13, 2020

njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.

CVE-2020-24346 is exploitable with local system access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Dangling pointer

njs through 0.4.3

CVE-2020-24347 5.5 - Medium - August 13, 2020

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.

CVE-2020-24347 can be exploited with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Out-of-bounds Read

njs through 0.4.3

CVE-2020-24348 5.5 - Medium - August 13, 2020

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.

CVE-2020-24348 is exploitable with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Out-of-bounds Read

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c

CVE-2020-24349 5.5 - Medium - August 13, 2020

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.

CVE-2020-24349 can be exploited with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Improper Input Validation

NGINX before 1.17.7, with certain error_page configurations

CVE-2019-20372 5.3 - Medium - January 09, 2020

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

CVE-2019-20372 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call

CVE-2019-13617 6.5 - Medium - July 16, 2019

njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call.

CVE-2019-13617 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Out-of-bounds Read

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c

CVE-2019-13067 9.8 - Critical - June 30, 2019

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place.

CVE-2019-13067 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Read

njs through 0.3.1

CVE-2019-12206 9.8 - Critical - May 20, 2019

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c.

CVE-2019-12206 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Write

njs through 0.3.1

CVE-2019-12207 9.8 - Critical - May 20, 2019

njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.

CVE-2019-12207 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Read

njs through 0.3.1

CVE-2019-12208 9.8 - Critical - May 20, 2019

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.

CVE-2019-12208 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Write

njs through 0.3.1

CVE-2019-11837 7.5 - High - May 09, 2019

njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.

CVE-2019-11837 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Numeric Errors

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c

CVE-2019-11838 9.8 - Critical - May 09, 2019

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.

CVE-2019-11838 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Write

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c

CVE-2019-11839 9.8 - Critical - May 09, 2019

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.

CVE-2019-11839 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Write

NGINX Unit before 1.7.1 might

CVE-2019-7401 9.8 - Critical - February 08, 2019

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other impact.

CVE-2019-7401 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

Out-of-bounds Write

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage

CVE-2018-16844 7.5 - High - November 07, 2018

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.

CVE-2018-16844 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might

CVE-2018-16845 6.1 - Medium - November 07, 2018

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the 'mp4' directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

CVE-2018-16845 can be exploited with local system access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a high impact on availability.

Loop with Unreachable Exit Condition ('Infinite Loop')

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption

CVE-2018-16843 7.5 - High - November 07, 2018

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.

CVE-2018-16843 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8