Let's Encrypt ist eine gemeinnützige Zertifizierungsstelle. Mit Unterstützung von Mozilla, der Bürgerrechtsorganisation Electronic Frontier Foundation (EFF) und einigen Unternehmen wie z.B. Content-Delivery-Netzwerk-Anbieter Akamai und Cisco soll so jeder kostenlos ein TLS-Zertifikat erhalten können, um die Verbindungen zu eigenen Webseiten per HTTPS verschlüsseln zu können.
-
CVE-2021-23017
Latest security vulnerabilities Nginx products Jun 1, 2021 | 00:00 amA security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. (CVSS:7.5) (Last[…]
Read more... -
CVE-2020-24346
Latest security vulnerabilities Nginx products Aug 13, 2020 | 00:00 amnjs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. (CVSS:6.8) (Last Update:2020-09-18)
Read more... -
CVE-2020-24347
Latest security vulnerabilities Nginx products Aug 13, 2020 | 00:00 amnjs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. (CVSS:2.1) (Last Update:2020-09-18)
Read more... -
CVE-2020-24348
Latest security vulnerabilities Nginx products Aug 13, 2020 | 00:00 amnjs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. (CVSS:2.1) (Last Update:2020-09-18)
Read more... -
CVE-2020-24349
Latest security vulnerabilities Nginx products Aug 13, 2020 | 00:00 amnjs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface. (CVSS:2.1) (Last Update:2020-09-18)
Read more... -
CVE-2019-20372
Latest security vulnerabilities Nginx products Jan 9, 2020 | 00:00 amNGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. (CVSS:4.3) (Last Update:2020-01-15)
Read more... -
CVE-2019-13617
Latest security vulnerabilities Nginx products Jul 16, 2019 | 00:00 amnjs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. (CVSS:4.3) (Last Update:2020-08-24)
Read more... -
CVE-2019-13067
Latest security vulnerabilities Nginx products Jun 30, 2019 | 00:00 amnjs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place. (CVSS:7.5) (Last Update:2019-07-05)
Read more... -
CVE-2019-12207
Latest security vulnerabilities Nginx products May 20, 2019 | 00:00 amnjs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. (CVSS:7.5) (Last Update:2020-08-24)
Read more... -
CVE-2019-12208
Latest security vulnerabilities Nginx products May 20, 2019 | 00:00 amnjs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c. (CVSS:7.5) (Last Update:2020-08-24)
Read more...
