https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 10:05:02 +0000 https://vulnerability.circl.lu/sighting/cb31e205-054f-4b1d-97d4-de2b1cf3f40a/export {"uuid": "cb31e205-054f-4b1d-97d4-de2b1cf3f40a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45132", "type": "seen", "source": "https://t.me/cibsecurity/72161", "content": "\u203c CVE-2023-45132 \u203c\n\nNAXSI is an open-source maintenance web application firewall (WAF) for NGINX. An issue present starting in version 1.3 and prior to version 1.6 allows someone to bypass the WAF when a malicious `X-Forwarded-For` IP matches `IgnoreIP` `IgnoreCIDR` rules. This old code was arranged to allow older NGINX versions to also support `IgnoreIP` `IgnoreCIDR` when multiple reverse proxies were present. The issue is patched in version 1.6. As a workaround, do not set any `IgnoreIP` `IgnoreCIDR` for older versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2024-02-13T13:26:36.000000Z"} {"uuid": "cb31e205-054f-4b1d-97d4-de2b1cf3f40a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45132", "type": "seen", "source": "https://t.me/cibsecurity/72161", "content": "\u203c CVE-2023-45132 \u203c\n\nNAXSI is an open-source maintenance web application firewall (WAF) for NGINX. An issue present starting in version 1.3 and prior to version 1.6 allows someone to bypass the WAF when a malicious `X-Forwarded-For` IP matches `IgnoreIP` `IgnoreCIDR` rules. This old code was arranged to allow older NGINX versions to also support `IgnoreIP` `IgnoreCIDR` when multiple reverse proxies were present. The issue is patched in version 1.6. As a workaround, do not set any `IgnoreIP` `IgnoreCIDR` for older versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2024-02-13T13:26:36.000000Z"} https://vulnerability.circl.lu/sighting/cb31e205-054f-4b1d-97d4-de2b1cf3f40a/export Tue, 13 Feb 2024 13:26:36 +0000