Critical 9.8 Unfixed
2016-02-15≤ 1.1.19
nginx: use-after-free during CNAME response processing in resolver
nginx 1.1
Critical 9.8 Unfixed
2021-06-06≤ 1.1.19
nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years
High 8.2 Unfixed
2026-03-24≤ 1.1.19
NGINX ngx_http_dav_module vulnerability
High 7.8 Unfixed
2026-03-24= 1.1.19
NGINX ngx_http_mp4_module vulnerability
High 7.8 Unfixed
2026-03-24≥ 1.1.19 and ≤ 1.1.19
NGINX ngx_http_mp4_module vulnerability
High 7.7 Unfixed
2021-06-01≤ 1.1.19
nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name
High 7.5 Unfixed
2026-03-24≤ 1.1.19
NGINX ngx_mail_auth_http_module vulnerability
High 7.5 Unfixed
2013-10-27≤ 1.1.19
High 7.5 Unfixed
2013-11-23≤ 1.1.19
High 7.5 Unfixed
2016-02-15≤ 1.1.19
nginx: invalid pointer dereference in resolver
High 7.5 Unfixed
2017-07-13≤ 1.1.19
nginx: Integer overflow in nginx range filter module leading to memory disclosure
High 7.4 Unfixed
2022-03-23≤ 1.1.19
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication
High 7.1 Unfixed
2022-10-19≥ 1.1.3 and ≤ 1.1.19
NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
Medium 6.8
2011-12-08≤ 1.1.7
Medium 6.8
2012-04-17≥ 1.1.3 and ≤ 1.1.18
Medium 6.1 Unfixed
2018-11-07≥ 1.1.3 and ≤ 1.1.19
nginx: Denial of service and memory disclosure via mp4 module
Medium 5.8 Unfixed
2013-07-18≥ 1.1.4 and ≤ 1.1.19
Medium 5.3 Unfixed
2016-02-15≤ 1.1.19
nginx: Insufficient limits of CNAME resolution in resolver
Medium 5.3 Unfixed
2020-01-09≤ 1.1.19
nginx: HTTP request smuggling in configurations with URL redirect used as error_page
Medium 5.0
2012-04-17< 1.1.17
Medium 5.0 Unfixed
2012-07-26≤ 1.1.19
Medium 4.3 Unfixed
2014-12-08≤ 1.1.19
nginx: virtual host confusion
Low 3.7 Unfixed
2026-03-24≤ 1.1.19
NGINX ngx_mail_proxy_module vulnerability
Low 3.7 Unfixed
2025-08-13≤ 1.1.19
NGINX ngx_mail_smtp_module vulnerability