Known Vulnerabilities for products from Nginx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nginx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-60065 json | Not Provided | 2026-07-15 | 2026-07-15 | |
| CVE-2026-60062 json | Not Provided | 2026-07-15 | 2026-07-15 | |
| CVE-2026-60005 json | Not Provided | 2026-07-15 | 2026-07-15 | |
| CVE-2026-58467 json | Not Provided | 2026-07-02 | 2026-07-14 | |
| CVE-2026-58446 json | Not Provided | 2026-06-30 | 2026-07-14 | |
| CVE-2026-56434 json | Not Provided | 2026-07-15 | 2026-07-15 | |
| CVE-2026-55723 json | Not Provided | 2026-07-15 | 2026-07-15 | |
| CVE-2026-54762 json | Not Provided | 2026-06-23 | 2026-06-24 | |
| CVE-2026-54652 json | Not Provided | 2026-07-08 | 2026-07-08 | |
| CVE-2026-53646 json | Not Provided | 2026-07-06 | 2026-07-07 | |
| CVE-2022-35173 json | An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during c... | 7.5 - HIGH | 2022-08-18 | 2022-08-24 |
| CVE-2022-30503 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h. | 5.5 - MEDIUM | 2022-06-02 | 2022-06-10 |
| CVE-2022-29780 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-29779 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-25139 json | njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46463 json | njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in... | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46462 json | njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs... | 7.5 - HIGH | 2022-02-14 | 2022-03-24 |
| CVE-2021-46461 json | njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_v... | 9.8 - CRITICAL | 2022-02-14 | 2022-05-11 |
| CVE-2021-23017 json | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DN... | 7.7 - HIGH | 2021-06-01 | 2023-11-07 |
| CVE-2020-24349 json | njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers... | 5.5 - MEDIUM | 2020-08-13 | 2022-10-05 |