Known Vulnerabilities for products from Nginx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nginx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40575 json | Not Provided | 2026-04-22 | 2026-04-21 | |
| CVE-2026-40487 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-34830 json | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2026-34759 json | Not Provided | 2026-04-02 | 2026-04-03 | |
| CVE-2026-34457 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2026-34403 json | Not Provided | 2026-04-20 | 2026-04-21 | |
| CVE-2026-33432 json | Not Provided | 2026-04-20 | 2026-04-21 | |
| CVE-2026-33431 json | Not Provided | 2026-04-20 | 2026-04-21 | |
| CVE-2026-33032 json | Not Provided | 2026-03-30 | 2026-04-16 | |
| CVE-2026-33031 json | Not Provided | 2026-04-20 | 2026-04-21 | |
| CVE-2022-35173 json | An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during c... | 7.5 - HIGH | 2022-08-18 | 2022-08-24 |
| CVE-2022-30503 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h. | 5.5 - MEDIUM | 2022-06-02 | 2022-06-10 |
| CVE-2022-29780 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-29779 json | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.... | 5.5 - MEDIUM | 2022-06-02 | 2022-06-09 |
| CVE-2022-25139 json | njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46463 json | njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in... | 9.8 - CRITICAL | 2022-02-14 | 2022-03-24 |
| CVE-2021-46462 json | njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs... | 7.5 - HIGH | 2022-02-14 | 2022-03-24 |
| CVE-2021-46461 json | njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_v... | 9.8 - CRITICAL | 2022-02-14 | 2022-05-11 |
| CVE-2021-23017 json | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DN... | 7.7 - HIGH | 2021-06-01 | 2023-11-07 |
| CVE-2020-24349 json | njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers... | 5.5 - MEDIUM | 2020-08-13 | 2022-10-05 |