nginx (SUSE:Linux Enterprise High Performance Computing 15-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15-LTSS package nginx, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2021-23017 — CVSS 7.7 (high): A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to…
CVE-2021-3618 — CVSS 7.4 (high): ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using…
CVE-2019-20372 — CVSS 5.3 (medium): NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker…