Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

USN-5371-1: nginx vulnerabilities

Related Vulnerabilities: CVE-2020-11724   CVE-2020-36309   CVE-2021-3618  

Several security issues were fixed in nginx.

It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains. (CVE-2021-3618)

Source

Details

It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-11724)

It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to disclose sensitive
information. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-36309)

It was discovered that nginx mishandled the use of
compatible certificates among multiple encryption protocols.
If a remote attacker were able to intercept the communication,
this issue could be used to redirect traffic between subdomains.
(CVE-2021-3618)

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started