nginx 0.9

Status EOLSupport 2010-11 – 2011-04Latest 0.9.7Vulnerabilities 18← All nginx versions
Critical 9.8 Unfixed
2016-02-15≤ 0.9.7

nginx: use-after-free during CNAME response processing in resolver

CVE
Critical 9.8 Unfixed
2021-06-06≤ 0.9.7

nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years

CVE
High 8.2 Unfixed
2026-03-24≤ 0.9.7

NGINX ngx_http_dav_module vulnerability

CVE
High 7.7 Unfixed
2021-06-01≤ 0.9.7

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

CVE
High 7.5 Unfixed
2026-03-24≤ 0.9.7

NGINX ngx_mail_auth_http_module vulnerability

CVE
High 7.5 Unfixed
2013-11-23≤ 0.9.7

CVE
High 7.5 Unfixed
2016-02-15≤ 0.9.7

nginx: invalid pointer dereference in resolver

CVE
High 7.5 Unfixed
2017-07-13≤ 0.9.7

nginx: Integer overflow in nginx range filter module leading to memory disclosure

CVE
High 7.4 Unfixed
2022-03-23≤ 0.9.7

ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication

CVE
Medium 6.8 Unfixed
2011-12-08≤ 0.9.7

CVE
Medium 5.3 Unfixed
2016-02-15≤ 0.9.7

nginx: Insufficient limits of CNAME resolution in resolver

CVE
Medium 5.3 Unfixed
2020-01-09≤ 0.9.7

nginx: HTTP request smuggling in configurations with URL redirect used as error_page

CVE
Medium 5.0 Unfixed
2012-04-17≤ 0.9.7

CVE
Medium 5.0 Unfixed
2012-07-26≤ 0.9.7

CVE
Medium 4.3
2010-12-06< 0.9.2

openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack

CVE
Medium 4.3 Unfixed
2014-12-08≤ 0.9.7

nginx: virtual host confusion

CVE
Low 3.7 Unfixed
2026-03-24≤ 0.9.7

NGINX ngx_mail_proxy_module vulnerability

CVE
Low 3.7 Unfixed
2025-08-13≤ 0.9.7

NGINX ngx_mail_smtp_module vulnerability

CVE