Known Vulnerabilities for products from Nginx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nginx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44015 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-42268 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-42238 json | Not Provided | 2026-05-04 | 2026-05-05 | |
| CVE-2026-42223 json | Not Provided | 2026-05-04 | 2026-05-05 | |
| CVE-2026-42222 json | Not Provided | 2026-05-04 | 2026-05-06 | |
| CVE-2026-42221 json | Not Provided | 2026-05-04 | 2026-05-05 | |
| CVE-2026-42220 json | Not Provided | 2026-05-04 | 2026-05-06 | |
| CVE-2026-40575 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-40487 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-34830 json | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2022-35173 json | An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during c... | 7.5 - HIGH | 2022-08-18 | 2022-08-24 |
| CVE-2022-30503 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h. | 5.5 - MEDIUM | 2022-06-02 | 2022-06-10 |
| CVE-2022-29780 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-29779 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-25139 json | njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46463 json | njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in... | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46462 json | njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs... | 7.5 - HIGH | 2022-02-14 | 2022-03-24 |
| CVE-2021-46461 json | njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_v... | 9.8 - CRITICAL | 2022-02-14 | 2022-05-11 |
| CVE-2021-23017 json | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DN... | 7.7 - HIGH | 2021-06-01 | 2023-11-07 |
| CVE-2020-24349 json | njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers... | 5.5 - MEDIUM | 2020-08-13 | 2022-10-05 |