Tag
#NGINX
4 stories taggedNGINX.

Vulnerabilities
F5 Fixes Serious Security Flaws in NGINX and BIG-IP
Multiple vulnerabilities in two widely used pieces of networking software could have let attackers take control of systems, crash services, or steal data. Patches are now available.
3 min read

Vulnerabilities
Two Critical NGINX Open Source Bugs Open the Door to Remote Code Execution
F5 patches a use-after-free in the HTTP/3 module and a second critical flaw. QUIC-enabled deployments are the immediate concern.
2 min read

Vulnerabilities
HTTP/2 Bomb: A Decade-Old Compression Trick Finally Gets a CVE
A chained HPACK attack lets small packets force runaway memory allocation on nginx, Apache, IIS, Envoy, and Cloudflare's Pingora. Patches are partial. Exposure is wide.
2 min read

Vulnerabilities
HTTP/2 Bomb: Default Configs in NGINX, Apache, IIS, Envoy and Pingora Open Door to Remote DoS
A chained protocol abuse discovered by OpenAI Codex and disclosed by Calif knocks over five of the most widely deployed web servers in their out-of-the-box state.
2 min read