pkg:Alpine/nginx

所有已知漏洞

• MEDIUM5.3CVE-2023-44487⚠ KEVnghttp2 - security update
  from 0, < 1.20.2-r2
• CRITICAL9.8CVE-2022-25139njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.
  from 0, < 1.20.2-r2
• CRITICAL9.8CVE-2021-46463njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_p…
  from 0, < 1.20.2-r2
• CRITICAL9.8CVE-2021-46461njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
  from 0, < 1.20.2-r2
• HIGH8.2CVE-2026-27654NGINX ngx_http_dav_module vulnerability
  from 0, < 1.28.3-r0
• HIGH7.8CVE-2026-32647NGINX ngx_http_mp4_module vulnerability
  from 0, < 1.28.3-r0
• HIGH7.8CVE-2022-41741NGINX ngx_http_mp4_module vulnerability CVE-2022-41741
  from 0, < 1.22.1-r0
• HIGH7.7CVE-2021-23017nginx - security update
  from 0, < 1.16.1-r3
• HIGH7.5CVE-2026-27651NGINX ngx_mail_auth_http_module vulnerability
  from 0, < 1.28.3-r0
• HIGH7.5CVE-2021-46462njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.
  from 0, < 1.20.2-r2
• HIGH7.5CVE-2019-9513Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service.
  from 0, < 1.16.1-r0
• HIGH7.5CVE-2019-9511nghttp2 - security update
  from 0, < 1.16.1-r0
• HIGH7.5CVE-2018-16844nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage.
  from 0, < 1.14.1-r0
• HIGH7.5CVE-2018-16843nginx - security update
  from 0, < 1.14.1-r0
• HIGH7.5CVE-2017-7529nginx - security update
  from 0, < 1.12.1-r0
• HIGH7.4CVE-2021-3618nginx - security update
  from 0, < 1.20.1-r1
• HIGH7.1CVE-2022-41742NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
  from 0, < 1.22.1-r0
• MEDIUM6.5CVE-2026-42946NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability
  from 0, < 1.28.3-r1
• MEDIUM6.5CVE-2026-40460NGINX ngx_quic_module vulnerability
  from 0, < 1.28.3-r1
• MEDIUM6.5CVE-2024-32760NGINX HTTP/3 QUIC vulnerability
  from 0, < 0
• MEDIUM6.5CVE-2019-9516Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service.
  from 0, < 1.16.1-r0
• MEDIUM6.1CVE-2018-16845nginx - security update
  from 0, < 1.14.1-r0
• MEDIUM5.5CVE-2026-27784NGINX ngx_http_mp4_module vulnerability
  from 0, < 1.28.3-r0
• MEDIUM5.4CVE-2026-28755NGINX ngx_stream_ssl_module vulnerability
  from 0, < 1.28.3-r0
• MEDIUM5.3CVE-2024-35200NGINX HTTP/3 QUIC vulnerability
  from 0, < 0
• MEDIUM5.3CVE-2024-34161NGINX HTTP/3 QUIC vulnerability
  from 0, < 0
• MEDIUM5.3CVE-2019-20372NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker t…
  from 0, < 1.16.1-r2
• MEDIUM4.8CVE-2026-42934NGINX ngx_http_charset_module vulnerability
  from 0, < 1.28.3-r1
• MEDIUM4.8CVE-2026-40701NGINX ngx_http_ssl_module vulnerability
  from 0, < 1.28.3-r1
• MEDIUM4.8CVE-2024-31079NGINX HTTP/3 QUIC vulnerability
  from 0, < 0
• MEDIUM4.7CVE-2024-7347NGINX MP4 module vulnerability
  from 0, < 1.26.2-r0
• LOW3.7CVE-2026-28753NGINX ngx_mail_proxy_module vulnerability
  from 0, < 1.28.3-r0
• —CVE-2026-9256NGINX ngx_http_rewrite_module vulnerability
  from 0, < 1.28.3-r2
• —CVE-2026-42945NGINX ngx_http_rewrite_module vulnerability
  from 0, < 1.28.3-r1
• —CVE-2026-1642NGINX vulnerability
  from 0, < 1.28.2-r0
• —CVE-2025-53859NGINX ngx_mail_smtp_module vulnerability
  from 0, < 1.28.2-r0
• —CVE-2025-23419TLS Session Resumption Vulnerability
  from 0, < 1.26.3-r0
• —CVE-2022-3638Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.
  from 0, < 0